Re: [pacman-dev] Finishing off the package signing issue -- Update
I inadvertently broke my email account when I configured git-send-mail, and I only just realized it. Everything I've sent to the list since then didn't go through, so I'm resending this message, originally sent June 6. On Wed, Jun 1, 2011 at 3:59 PM, Dan McGee <dpmcgee@gmail.com> wrote:
* Lazy DB loading makes things much more difficult. I'm not willing to sacrifice this for signing, so striking a balance between when we check sigs and ensuring frontends (and our backend code!) are well aware the database won't be loaded due to a failed signature check is really important. This is probably the single biggest blocker, and perhaps why those not involved until now seem to think this is going at a snail's pace. If you'd like to see how big of a task this is, I will send my three different approaches in various stages of completion to the mailing list, none of which I am super happy with.
Can you please send this code, and elaborate a little more on the problem?
* Architecting checks to be done in parallel in the future; we had a demo patchset posted for this when only doing md5 checks but I want to make sure we can do this again later for all types of package verification.
I think once we have a solution for the trustdb locking issue, parallel signature checking won't be hard. Thanks, Kerrick Staley
participants (1)
-
Kerrick Staley