This is the mail archive of the
mailing list for the Cygwin project.
Re: Maintainers doing it for themselves
----- Original Message -----
From: "Charles Wilson" <email@example.com>
To: "Robert Collins" <firstname.lastname@example.org>
Sent: Thursday, July 11, 2002 8:40 AM
Subject: Re: Maintainers doing it for themselves
> > If the signature doesn't checkout on your 'net release' keyring, then
> > it's not a maintainer uploading.
> > A cron job could scan for new files every <x> minutes.
> A cron job with access to a keyring? Is that a good idea?
Yes. Note: this is not a cron job with access to a private keyring. It's a
cron job with access to a collection of gpg public keys, and thats all it
needs to validate that the uploaded package is signed by someone.