Hi, One of the ways to verify an archlinux iso image is via its gpg signature. However, doing this on an atom/geode system with < 1GiB of RAM is definitely not fun. And I suppose it also takes noticeable time to sign, even on an opteron/xeon server. Is there a particular reason why the images themselves are signed as opposed to only their checksum files? For instance, Fedora provides sha256sums with inline sigs [1], and verifying image checksum + checksum file signature is _much_ less CPU and memory demanding than verifying signature of an entire image. Thanks, Leonid. [1] http://mirrors.kernel.org/fedora/releases/19/Live/x86_64/Fedora-Live-x86_64-19-CHECKSUM -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
Attachment:
signature.asc
Description: PGP signature
