On Mon, 2012-11-05 at 22:52 -0600, Dennis Gilmore wrote: > all we would gain is a way to distinguish an offical > build vs a scratch build in koji or a build someone did to mimic our > environment. I think what people mainly want here is a means to protect against man-in-the-middle attacks between the build server and their machines. This could be solved equivalently with SSL, but the problem with that is of course that Fedora relies heavily on a volunteer mirror network, and not many of them have it enabled; at least, trying to do s/http/https/ on some of the links in http://mirrors.fedoraproject.org/publiclist/Fedora/development/x86_64/ got me 1 out of 10. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
