https://bugzilla.redhat.com/show_bug.cgi?id=1713767 --- Comment #15 from Richard W.M. Jones <rjones@xxxxxxxxxx> --- > · Would it be possible to provide a URL to the keyring? Use HTTPS if at all possible. Then anyone can verify that the keyring in the package is the same as upstream. (The build would of course still use the keyring in the Git repository.) It's been on my to-do list for a long time to set up letsencrypt on http://libguestfs.org but I haven't got around to it yet. However in this case the key is available from your favourite GPG keyserver: https://pgp.key-server.io/pks/lookup?search=rjones%40redhat.com&fingerprint=on&op=vindex and you can verify it by doing: $ gpg2 -k --fingerprint --homedir=`pwd` --keyring=libguestfs.keyring Please ignore the revoked key at the first link. A few years ago to prove some point someone generated a bunch of keys of open source software developers with colliding 32 bit IDs. The correct key has fingerprint F777 4FB1 AD07 4A7E 8C87 67EA 9173 8F73 E1B7 68A0. > · lib/nbd-protocol.h has a BSD license, so I think the license tag for the library becomes "LGPLv2+ and BSD". I'm not clear if the License field refers to the source or the binary, but if it refers to the binary then the license is LGPLv2+, but if it's for the source then it's mixed as you say. > · The license tag of libnbd-devel should include the license of the examples. At the moment I'm not sure what to call that license. It's intended to be as close to public domain as possible. Will fix the other things and post a new link soon. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
