RPM: signing uncompressed data instead of signed data?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



James Antill wrote:

> IMO, as has been said before, if you have a delta method that doesn't
> produce the exact same bits at the end ... you've probably failed. It
> might seem like a good idea, but even if you go to the extreme lengths
> needed to make it just for yum ... things like reposync won't be able
> to use it, Eg.
>
>  http://james.fedorapeople.org/python/delta-rpm-dir.py

I realize there's a lot of stuff sitting on top of RPM that depends on
how it works currently, but in terms of correctness, it still seems to
me to make more sense to sign the uncompressed data, since that's what
actually gets used, and it would avoid issues like
https://fedorahosted.org/rel-eng/ticket/4224 which will have to be dealt
with periodically as long as compression continues to improve. So let me
rephrase the question: in an alternate universe where RPM was originally
designed to sign the uncompressed data, and the higher-level tools were
subsequently designed to work with that, is there any fundamental reason
why things would be worse (or better) than they are now?

(Again, sorry for not replying in-thread, but Gmane isn't updating.)


Attachment: signature.asc
Description: OpenPGP digital signature

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux