On Sun, Oct 30, 2011 at 2:31 PM, Giovanni Scafora email@example.com wrote:
Il 30/10/2011 14:12, Pierre Schmitz ha scritto:
it's about time to finalize our signing policy to get all our packages properly signed as soon as possible. Note that this is just about signing the package itself. How we will manage our keyring and sign that one using master keys is a different story.
At first please have a look at https://wiki.archlinux.org/index.php/DeveloperWiki:Signing_Packages and let me know if there is anything wrong or unclear. I would like to present this little Howto to the TU so that community packages can be signed as well.
To speed things up I'd like to let dbscripts enforce signed packages. This means that from now on no new packages can be uploaded that don't have a signature. We may give the TU a ew days mroe time as this will be new to them.
If you just agree with all this send a +1.