On Tue, 06 Nov 2012 20:33:20 +0100 Thomas Bächler <thomas@xxxxxxxxxxxxx> wrote: > Am 06.11.2012 20:11, schrieb Leonid Isaev: > > A bit OT, but anyway... Are there any plans for actually storing *.sig > > files in the cache alongside the packages? This costs a tiny amount of > > space, but IMHO will make verification (especially of old packages) much > > easier. > > pacman does not download them, so it cannot store them. > > Signatures are contained in the db file. > > Yes, but it's only for the current (latest synced) set of packages, and even then I have to parse the desc files and filter the ascii sigs through base64, all outside of pacman which I think does it anyway at the verification stage. Hence my question. For example, I don't mind a performance hit due to regeneration of all binary signatures on the fly. Just an opinion though... -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
Attachment:
signature.asc
Description: PGP signature
