1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA256 |
3 |
|
4 |
On 14/08/15 07:56 AM, Andrew Savchenko wrote: |
5 |
> 2. The question is why manifests are modified for rsync. In git |
6 |
> manifests are thin (only distfiles are there), in rsync they |
7 |
> also contain checksums for ebuilds and files dir content. Do we |
8 |
> really need this? These manifests are not signed now, so of |
9 |
> little use. |
10 |
|
11 |
There's still plenty of cases where there can be mis-matches that |
12 |
the checksums will catch; just because it's not a be-all-and-end-all |
13 |
security solution doesn't mean it's not valuable for data integrity |
14 |
in general. |
15 |
|
16 |
|
17 |
-----BEGIN PGP SIGNATURE----- |
18 |
Version: GnuPG v2 |
19 |
|
20 |
iF4EAREIAAYFAlXN/NsACgkQAJxUfCtlWe3BBQD/blYWTRa7WuF+GdGlQ8grxvlk |
21 |
Rdx67cc5Bfvt5qTvuVwBAOf6Ef5f7QUX8jI0vLM6Sn7Gy+CPopxFanqIcgLvMjfr |
22 |
=dea0 |
23 |
-----END PGP SIGNATURE----- |