Maintainers doing it for themselves
Robert Collins
robert.collins@syncretize.net
Wed Jul 10 16:24:00 GMT 2002
----- Original Message -----
From: "Charles Wilson" <cwilson@ece.gatech.edu>
To: "Robert Collins" <robert.collins@syncretize.net>
Sent: Thursday, July 11, 2002 8:40 AM
Subject: Re: Maintainers doing it for themselves
> > If the signature doesn't checkout on your 'net release' keyring, then
> > it's not a maintainer uploading.
> >
> > A cron job could scan for new files every <x> minutes.
>
>
> A cron job with access to a keyring? Is that a good idea?
Yes. Note: this is not a cron job with access to a private keyring. It's a
cron job with access to a collection of gpg public keys, and thats all it
needs to validate that the uploaded package is signed by someone.
Rob
More information about the Cygwin-apps
mailing list