This is the mail archive of the cygwin-apps@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Maintainers doing it for themselves


----- Original Message -----
From: "Charles Wilson" <cwilson@ece.gatech.edu>
To: "Robert Collins" <robert.collins@syncretize.net>
Sent: Thursday, July 11, 2002 8:40 AM
Subject: Re: Maintainers doing it for themselves

> > If the signature doesn't checkout on your 'net release' keyring, then
> > it's not a maintainer uploading.
> >
> > A cron job could scan for new files every <x> minutes.
>
>
> A cron job with access to a keyring?  Is that a good idea?

Yes. Note: this is not a cron job with access to a private keyring. It's a
cron job with access to a collection of gpg public keys, and thats all it
needs to validate that the uploaded package is signed by someone.

Rob


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]