[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Binary patch generation script (initial version)
On Sat, May 02, 2009 at 02:25:27PM +0200, Tonnerre LOMBARD wrote:
> > As already indicated, please consider the use of netpgp and the
> > existing web of trust. There's a package in pkgsrc/security/netpgp.
> That would mean changing the current patch format entirely and
> rewriting the other tools; I'd prefer to get them running first
> and to introduce a new patch format with PGP later if required.
> For now, OpenSSL was chosen in order to add as few out-of-base
> dependencies as possible.
Please don't change this to use PGP by default. If the intent is to
have the NetBSD Foundation produce patches in a centralized way and
distribute them to users, a hierarchical trust model is better -- and
we already have the tools and libraries in the system to support it
the way you wrote your code.
Thor Lancelot Simon
"Even experienced UNIX users occasionally enter rm *.* at the UNIX
prompt only to realize too late that they have removed the wrong
segment of the directory structure." - Microsoft WSS whitepaper
Main Index |
Thread Index |