RPM: signing uncompressed data instead of signed data?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I came across the following old post, which I'm not responding to in-thread due
to its age.

https://www.redhat.com/archives/fedora-devel-list/2009-September/msg00517.html

The question was raised why RPMs sign their compressed data, rather than
uncompressed. (One advantage would be to avoid deltarpm rebuild failures due to
changes in compression such as the recent one in xz.) The answer had to do with
the fact that higher-level tools (createrepo and yum) depend on the current
behavior, but that doesn't address whether it's just an early design mistake
that we're locked into now, or if there's actually some overall advantage to
doing things this way (that outweighs the obvious disadvantage of inflexibility
in how the data is compressed). Can anyone shed some light on this?

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux