Should Fedora rpms be signed? Yes...resign and rsync...
feliciano.matias at free.fr
Sat Oct 30 10:57:40 UTC 2004
Le vendredi 29 octobre 2004 à 21:59 -0700, Nifty Hat Mitch a écrit :
> The comment about rsync is interesting.
> The question may be:
> How does rsync like a package being signed or better yet resigned
> at some later time?
> As I understand it the gpg signature is a modest structure and
> resigning an rpm does not so badly mess up a file that rsync cannot
> optimize the change as long as the keys have the same length.
> To test I picked on something big and network rude to change and test.
The problem is that all changed rpm would be check again at the next
invocation of rsync. When there is about 1 Go of unsigned rpm, this mean
that the client _and_ the server should read 1 Go of data (even if a
small part of the data have changed). The mirror don't like this.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Ceci est une partie de message
Url : http://lists.fedoraproject.org/pipermail/test/attachments/20041030/091447de/attachment.bin
More information about the test