From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/20110204/002437.html | 76 +++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 zarb-ml/mageia-dev/20110204/002437.html (limited to 'zarb-ml/mageia-dev/20110204/002437.html') diff --git a/zarb-ml/mageia-dev/20110204/002437.html b/zarb-ml/mageia-dev/20110204/002437.html new file mode 100644 index 000000000..667e65c4e --- /dev/null +++ b/zarb-ml/mageia-dev/20110204/002437.html @@ -0,0 +1,76 @@ + + + + [Mageia-dev] PGP keys and package signing + + + + + + + + + +

[Mageia-dev] PGP keys and package signing

+ nicolas vigier + boklm at mars-attacks.org +
+ Fri Feb 4 12:19:50 CET 2011 +

+
+ +
On Mon, 31 Jan 2011, nicolas vigier wrote:
+
+> 
+> In this thread :
+> https://www.mageia.org/pipermail/mageia-dev/20110128/002363.html
+> misc proposed that we publish tarballs of our software on the mirrors,
+> and sign them using a pgp key. So we need a key for that. We also want
+> to sign ISOs, maybe with a different key. So I think we can do the same
+> as for packages key, we create new keys for software releases and for
+> ISOs, and we sign those keys with the board@ key. And we can tell
+> everybody that all files released by the project are always signed by
+> a key that was signed by the board@ key.
+
+So we need to decide which keys we need, before fosdem :
+ - for signing packages: packages at mageia.org
+ - for signing software: software at mageia.org
+ - for signing ISOs : release at mageia.org
+
+Any other key needed ?
+
+
+ + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1