| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA256 |
| 3 |
|
| 4 |
On 14/08/15 07:56 AM, Andrew Savchenko wrote: |
| 5 |
> 2. The question is why manifests are modified for rsync. In git |
| 6 |
> manifests are thin (only distfiles are there), in rsync they |
| 7 |
> also contain checksums for ebuilds and files dir content. Do we |
| 8 |
> really need this? These manifests are not signed now, so of |
| 9 |
> little use. |
| 10 |
|
| 11 |
There's still plenty of cases where there can be mis-matches that |
| 12 |
the checksums will catch; just because it's not a be-all-and-end-all |
| 13 |
security solution doesn't mean it's not valuable for data integrity |
| 14 |
in general. |
| 15 |
|
| 16 |
|
| 17 |
-----BEGIN PGP SIGNATURE----- |
| 18 |
Version: GnuPG v2 |
| 19 |
|
| 20 |
iF4EAREIAAYFAlXN/NsACgkQAJxUfCtlWe3BBQD/blYWTRa7WuF+GdGlQ8grxvlk |
| 21 |
Rdx67cc5Bfvt5qTvuVwBAOf6Ef5f7QUX8jI0vLM6Sn7Gy+CPopxFanqIcgLvMjfr |
| 22 |
=dea0 |
| 23 |
-----END PGP SIGNATURE----- |
Archives