Salut, Adrian,
On Mon, 19 Jan 2009 22:09:42 +0000, Adrian Portelli wrote:
> If we were implementing this as an 'in house' (i.e. pkgsrc solution)
> then I agree that there are potentially better way to do this using
> other, possibly in tree, tools.
>
> However, the signature verification framework is designed to be used
> for authors that have made the signature for their software available
> themselves. It's really just meant to take advantage of a feature
> that is available now with some packages as opposed to implementing a
> solution for all distfiles.
Oh sorry, I misunderstood that then. I thought we were adding sigs to
distinfo or such. (Which might not be the worst idea, still.)
Tonnerre
Attachment:
signature.asc
Description: PGP signature