[Bug 1834731] Review Request: bitcoin - Peer to Peer Cryptographic Currency

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.redhat.com/show_bug.cgi?id=1834731



--- Comment #29 from Oleg Girko <ol+redhat@xxxxxxxxxxxxx> ---
(In reply to Björn Persson from comment #28)
> (In reply to Oleg Girko from comment #27)
> > I think, the main PGP public key's checksum should be embedded into spec
> > file and checked against to make sure all re-downloaded sources are correct.
> 
> That wouldn't hurt. You would want a GnuPG command – or a series of commands
> – to verify that the given keyring contains a key with the given
> fingerprint, and also that it doesn't contain any other keys. Can you
> propose such a command? Don't forget to ensure that GnuPG will look only in
> the specified keyring even if the user has a default keyring.

Something like this in %prep section:

    echo 123456789abcdef... %{SOURCE12} | sha256sum -c


-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite Conditions]     [KDE Users]

  Powered by Linux