Subject: Re: little hacking project: bulk build checksums
To: Hubert Feyrer <hubert@feyrer.de>
From: grant beattie <grant@NetBSD.org>
List: tech-pkg
Date: 01/23/2005 16:56:24
--+jhVVhN62yS6hEJ8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Jan 23, 2005 at 03:56:35AM +0100, Hubert Feyrer wrote:

> On Sun, 23 Jan 2005, grant beattie wrote:
> >we have the ability to cryptographically sign binary packages, which
> >can be automatically verified by pkg_add.
>=20
> I hear that myth on and off, but never found any documentation, usage=20
> examples etc. on it. Can you tell us more about it?

from a quick perusal, I can't see how to create a signed binary pkg,
but the -s argument to pkg_add(8) is used to verify signatures.

grant.


--+jhVVhN62yS6hEJ8
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)

iD8DBQFB8zyIluYOb9yiFXoRAgPMAKCHUVu3ciiM5kqxoAi56hz8U5aUlACeJTej
jpNkIy190mykFAP6LTywupA=
=VPvs
-----END PGP SIGNATURE-----

--+jhVVhN62yS6hEJ8--