On Fri, 18 Mar 2011, Keith Roberts wrote:
http://www.gnupg.org/documentation/guides.en.html
The more people you can get to sign your public key (building the web of
trust), the better. Read up on key-signing parties.
Thanks Tim.
I've created a file with my public key in, and have resigned the packages I
have already built. So I just need to check all this works by installing one
of my built packages.
I highly recommend also making a "release" package (e.g. kroberts-release)
that installs kroberts.repo in /etc/yum.repos.d and your key file
in /etc/pki/rpm-gpg. This can then be updated to add a signing key
or another repo (e.g. kroberts-testing).
--
Stuart D. Gathman <stuart@xxxxxxxx>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
_______________________________________________
Rpm-list mailing list
Rpm-list@xxxxxxxxxxxxx
http://lists.rpm.org/mailman/listinfo/rpm-list
