From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2012-June/016186.html | 155 +++++++++++++++++++++++++++++++ 1 file changed, 155 insertions(+) create mode 100644 zarb-ml/mageia-dev/2012-June/016186.html (limited to 'zarb-ml/mageia-dev/2012-June/016186.html') diff --git a/zarb-ml/mageia-dev/2012-June/016186.html b/zarb-ml/mageia-dev/2012-June/016186.html new file mode 100644 index 000000000..6a341f868 --- /dev/null +++ b/zarb-ml/mageia-dev/2012-June/016186.html @@ -0,0 +1,155 @@ + + + + [Mageia-dev] Proposed Feature: RepositorySignatures + + + + + + + + + +

[Mageia-dev] Proposed Feature: RepositorySignatures

+ nicolas vigier + boklm at mars-attacks.org +
+ Tue Jun 5 17:10:52 CEST 2012 +

+
+ +
= Summary =
+
+The packages in the repository are signed, but metadata are currently
+not signed. This feature would add metadata signatures on the
+repository, and create tools to check them.
+
+= Detailed Description =
+
+The packages on the repository are signed with PGP. However, the
+repository metadata are not currently signed. This includes :
+* the hdlists
+* the list of media, and PGP key to use to check the packages
+* installer files used for network installs
+
+This feature can be implemented in different steps :
+
+== Publish checksum of important files on the mirrors ==
+
+This will be done by sysadmin team. The mageia build system will be
+modified to generate a file containing sha1sum of important files
+on the mirror :
+* media.cfg file
+* media_info/MD5SUM and media_info/pubkey files for each repository.
+  Those files contain the checksums of the hdlists files, and the public
+  key used to check the package signatures.
+* timestamp file, containing the date of the last update of the mirror
+* installer files
+This file will be signed using Mageia PGP key.
+
+== Mirror integrity check tool ==
+
+A tool to check a mirror integrity will be created. It should be able
+to check all the mirror content, or only some medias.
+
+== Integration in MGA::Mirror ==
+
+The mirror integrity check will be integrated in Mga::Mirror so that
+incorrect or outdated mirrors are automatically removed from
+mirrorslist.
+
+== Integration in urpmi ==
+
+Urpmi will be updated to check the metadata signatures when updating
+medias.
+
+== Integration in installer ==
+
+The installer will be updated to check the signature of stage2
+downloaded from the server.
+
+
+https://wiki.mageia.org/en/Feature:RepositorySignatures
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1
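Review bot: in the "Publish checksum of important files on the mirrors" section of the archived proposal, the PGP-signed file holds sha1sum digests, and the hdlists are covered only indirectly through media_info/MD5SUM, so the signature protects the hdlists no better than the digest in that file does. If this text is later used as the reference for the feature, it should name a stronger digest (for example SHA-256) for both the signed file and the per-repository checksum file. The same section lists a timestamp file, and "Integration in MGA::Mirror" speaks of removing "outdated" mirrors, but no maximum age is given. State the threshold, so that a mirror replaying an old, validly signed checksum file is rejected by the check tool and by urpmi.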