Rawhide

[Colin Walters]

On Mon, 2012-11-05 at 22:52 -0600, Dennis Gilmore wrote:
> all we would gain is a way to distinguish an offical
> build vs a scratch build in koji or a build someone did to mimic our
> environment.

I think what people mainly want here is a means to protect against
man-in-the-middle attacks between the build server and their machines.

This could be solved equivalently with SSL, but the problem with that is
of course that Fedora relies heavily on a volunteer mirror network, and
not many of them have it enabled; at least, trying to do s/http/https/
on some of the links in
http://mirrors.fedoraproject.org/publiclist/Fedora/development/x86_64/
got me 1 out of 10.