From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/20110204/002438.html | 83 +++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 zarb-ml/mageia-dev/20110204/002438.html (limited to 'zarb-ml/mageia-dev/20110204/002438.html') diff --git a/zarb-ml/mageia-dev/20110204/002438.html b/zarb-ml/mageia-dev/20110204/002438.html new file mode 100644 index 000000000..a1bc2c6e6 --- /dev/null +++ b/zarb-ml/mageia-dev/20110204/002438.html @@ -0,0 +1,83 @@ + + + + [Mageia-dev] PGP keys and package signing + + + + + + + + + +

[Mageia-dev] PGP keys and package signing

+ Michael Scherer + misc at zarb.org +
+ Fri Feb 4 12:51:15 CET 2011 +

+
+ +
Le vendredi 04 février 2011 à 12:19 +0100, nicolas vigier a écrit :
+> On Mon, 31 Jan 2011, nicolas vigier wrote:
+> 
+> > 
+> > In this thread :
+> > https://www.mageia.org/pipermail/mageia-dev/20110128/002363.html
+> > misc proposed that we publish tarballs of our software on the mirrors,
+> > and sign them using a pgp key. So we need a key for that. We also want
+> > to sign ISOs, maybe with a different key. So I think we can do the same
+> > as for packages key, we create new keys for software releases and for
+> > ISOs, and we sign those keys with the board@ key. And we can tell
+> > everybody that all files released by the project are always signed by
+> > a key that was signed by the board@ key.
+> 
+> So we need to decide which keys we need, before fosdem :
+>  - for signing packages: packages at mageia.org
+>  - for signing software: software at mageia.org
+>  - for signing ISOs : release at mageia.org
+> 
+> Any other key needed ?
+
+Seems good to me.
+
+
+-- 
+Michael Scherer
+
+
+ + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1