2009/12/15 Adam Goode <adam@xxxxxxxxxxxxx>: > On 12/13/2009 06:16 AM, Christopher Brown wrote: >> 2009/12/11 Adam Goode <adam@xxxxxxxxxxxxx>: >>> We should definitely use Debian's key, right? Otherwise some Fedora CLI >>> libraries would be unnecessarily incompatible with Debian, and whoever >>> else uses Debian's key. >>> >>> The whole business of not shipping code-signing keys is a little >>> contrary to open source. I think this is something that GPLv3 would >>> prohibit. We should use a single well-known signing key for any package >>> that we don't have the keys for, I think. >> >> You're right. >> >> This has already been resolved in devel by added mono.snk to the >> mono-devel package. I'm just waiting on commit access to make the >> required changes to F-11 and F-12 unless someone else wants to do it. >> > > It looks like spot generated a new mono.snk. I was arguing to use > Debian's mono.snk, for cross-distro compatibility. Shouldn't everyone > should use Debian's key unless a package provides its own? Ideally we (Fedora and Debian) should use a single key generated by upstream but as this issue is only problematic due to cyclic dep problems in the build process I think that using our own is enough. Unfortunately I don't care enough to chase this issue further. -- Christopher Brown -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
