[arch-dev-public] Finalizing the package signing process

Ronald van Haren pressh at gmail.com
Sun Oct 30 09:32:37 EDT 2011

On Sun, Oct 30, 2011 at 2:31 PM, Giovanni Scafora
<giovanni at archlinux.org> wrote:
> Il 30/10/2011 14:12, Pierre Schmitz ha scritto:
>> Hi all,
>> it's about time to finalize our signing policy to get all our packages
>> properly signed as soon as possible. Note that this is just about
>> signing the package itself. How we will manage our keyring and sign that
>> one using master keys is a different story.
>> At first please have a look at
>> https://wiki.archlinux.org/index.php/DeveloperWiki:Signing_Packages and
>> let me know if there is anything wrong or unclear. I would like to
>> present this little Howto to the TU so that community packages can be
>> signed as well.
>> To speed things up I'd like to let dbscripts enforce signed packages.
>> This means that from now on no new packages can be uploaded that don't
>> have a signature. We may give the TU a ew days mroe time as this will be
>> new to them.
>> If you just agree with all this send a +1.
> +1
> --
> Arch Linux Developer
> http://www.archlinux.org
> http://www.archlinux.it



More information about the arch-dev-public mailing list