Le mer 13/08/2003 à 15:49, Bill Nottingham a écrit :
Féliciano Matias (feliciano.matias@free.fr) said:
Many packages in Rawhide are not signed (528/1461). Normal ?
Yes, it's normal. Signing is a manual process, it's not done all the time.
OK, it's too much work.
But what can i do if my favourite rawhide mirror is cracked ? Nothing.
At least give a signed md5sum file of all packages. Perhaps a none signed md5sum in a redhat https site is enough if you don't want to sign it manually.
If i can't confirm the source of rawhide packages, i will not use any more mirrors :-)
If RHLP and Rawhide is a success, i think it's important to find a solution.
Don't wait an accident to be forced to do something : http://lwn.net/Articles/44402/
Bill