On 11/29/2009 11:29 AM, Christopher Brown wrote: > 2009/11/29 Kalev Lember <kalev@xxxxxxxxxxxx>: >> Hello, > > <snip> > >> Comments? > > I'm the maintainer for log4net but unfortunately not for nant. I've > finally gotten around to looking at this. > > Debian have a policy[1] of using a standard mono.snk which is provided > by a package (I guess we just then BuildRequires this) and I think > this seems like a good solution but have no experience of this. > We should definitely use Debian's key, right? Otherwise some Fedora CLI libraries would be unnecessarily incompatible with Debian, and whoever else uses Debian's key. The whole business of not shipping code-signing keys is a little contrary to open source. I think this is something that GPLv3 would prohibit. We should use a single well-known signing key for any package that we don't have the keys for, I think. Adam
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
