checksum verification in nALFS

Jason Gurtz jason at tommyk.com
Sat Oct 12 09:09:43 PDT 2002



> <archive>
> 	<check></check>
> 	<unpack></unpack>
> </archive>

<snip>

> Anyway, we really need more opinions on this. It would help. :)

I'm undecided on what my opinon whould be on the destination issue, but
I thought I'd mention one thing.  On lfs-security there's been quite
abit of talk the last few days on checking package validaty via pgp
signatures.  It seems to me that method will only get more popular as
time goes on, so this use should probably also be considered in this
addition to the syntax.  The rough syntax shown above appears like it
would work in that context by simply inserting a 2nd <check /> above the
first to check the gpg sig.

Given that profiles can download and install things at will, signed and
checksum'ed profiles might not be so bad a consideration in the future
as well.

Anyway...

Cheers,

~Jason

-- 

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe alfs-discuss' in the subject header of the message



More information about the alfs-discuss mailing list