Re: Fedora Project launches Pre-Extras

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Saturday 18 December 2004 23:46, Michael Schwendt wrote:
> On Sat, 18 Dec 2004 23:15:25 +0100 (CET), Dag Wieers wrote:
> > On Sat, 18 Dec 2004, Michael Schwendt wrote:
> > > On Sat, 18 Dec 2004 08:57:23 -0500, Jeff Spaleta wrote:
> > > > On Sat, 18 Dec 2004 11:58:45 +0100, nodata <fedora@xxxxxxxxxxxx> 
wrote:
> > > > > An rpm tool doesn't care about the filename, so why remove it?
> > > >
> > > > You have missed the point entirely.   The filaname for an rpm is
> > > > typically constructed from a number of header tags as part of the
> > > > build process. The distrotags that are being used arent just in the
> > > > filename they are in the RELEASE tag.
> > >
> > > Which is part of the problem.
> >
> > Please indicate where the problem is.
>
> Done that before in this thread.

Can you please give the timestamp of that mail please? I can't find it in this 
long thread.

> > The current scheme has the following advantages:
> >
> > + It allows people to build trust for packages because the source becomes
> >    visible (this works in both ways, if a package is good or bad)
>
> *gasp*
>
> Please tell me that you just made a joke.
>
> People should _never_ deduce the origin of a package from its
> filename.
>
> [They may start to trust the signer of packages and the signed
> packages which come from him.]

People express a certain trust in a packager when they download and install 
rpms from his site or when they import that packagers key and configure their 
apt/yum/smart to also use that packagers group of signed rpms. In my opinion 
this is unrelated to having a repotag added to the release tag.

kind regards,
Dries


[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]