Time to resurrect multi-key signatures in RPM?
bojan at rexursive.com
Tue Aug 26 02:39:47 UTC 2008
Andrew Bartlett <abartlet <at> samba.org> writes:
> I think the checksums would be the hardest part. Build times, hosts
> and other details are very often embedded into a build.
Yeah, good point. We do have checksums of individual files inside the RPM,
right? Maybe we can leverage that in order to provide a build system neutral
checksum that can be verified independently?
More information about the devel