[Fedora-packaging] signing

Christopher Howard christopher.howard at frigidcode.com
Mon Apr 23 18:54:36 UTC 2012


I build my RPMs on one system but GPG sign them on another, which seems
to work fine with the rpmsign command. I was just wondering: is it
customary to sign just the source RPM, or both the source and binary
RPMs? Does it hurt anything to sign both?

-- 
frigidcode.com
indicium.us

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/packaging/attachments/20120423/9ada55e1/attachment.sig>


More information about the packaging mailing list