1 |
I shouldn't have mentioned that old issue. Apologies... Back to the |
2 |
topic at hand. |
3 |
|
4 |
What is the current status of gpg signatures? Is gpg signing |
5 |
documented anywhere? |
6 |
|
7 |
Can all files be signed, or just ebuilds and eclasses? |
8 |
|
9 |
When will signing be enforced? |
10 |
|
11 |
Is it possible to reject non-signed ebuilds by default in emerge? |
12 |
Should users start filing bugs for packages that aren't signed to get |
13 |
them signed? |
14 |
|
15 |
When can we stop using MD5? How far along is support for SHA? |
16 |
|
17 |
Someone mentioned that nobody cares because nobody has stepped up to |
18 |
do it. What still needs to be done? I'm sure that people do care. How |
19 |
can we help? |
20 |
|
21 |
Hopefully we can find some positive solutions to get these things |
22 |
fixed and make a more secure gentoo. |
23 |
|
24 |
-- |
25 |
gentoo-dev@g.o mailing list |