1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA512 |
3 |
|
4 |
On 08/14/2015 01:56 PM, Andrew Savchenko wrote: |
5 |
|
6 |
.. |
7 |
|
8 |
> |
9 |
> 2. The question is why manifests are modified for rsync. In git |
10 |
> manifests are thin (only distfiles are there), in rsync they also |
11 |
> contain checksums for ebuilds and files dir content. Do we really |
12 |
> need this? These manifests are not signed now, so of little use. |
13 |
|
14 |
They will be OpenPGP signed by a releng key during thickening and |
15 |
portage will auto-verify it using gkeys once things are in place. As |
16 |
such checksum for ebuilds and other files certainly needs to be part |
17 |
of the manifest, otherwise it can open up for malicious alterations of |
18 |
these files. |
19 |
|
20 |
- -- |
21 |
Kristian Fiskerstrand |
22 |
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net |
23 |
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 |
24 |
-----BEGIN PGP SIGNATURE----- |
25 |
|
26 |
iQEcBAEBCgAGBQJVzeLTAAoJECULev7WN52F9z8H/1Es0XTZP2eBmVyMSfVf65T7 |
27 |
MVO2v+0r91kjBekwkmKMNbLM/ZubAq1af20xSUW5Q9kBANJ3GIieU/6CpcVS3BCP |
28 |
bgjSCSOj2cydCgWO3i6eydrB9yEpLVPzi4rezbNVSaLsG3WYEl07z/knXYU5mJJW |
29 |
ViXNeOBPyCDpJiwgccGDmIbFvIghI9bPFOCrLRvmH5v+Velk0QNdK/PZd9pvd792 |
30 |
FIyoPcE2hq8NYpeH7o/WWwLcsczERg5HhcAnTmTZYZ0DpLhQzEfHrLlkD46JbR0j |
31 |
JT7rn7PtmtsQNoXTQesmA4hrGLu26fUVljqSbIwJt/33ijis7VSxZVedCp7wGyc= |
32 |
=c5IU |
33 |
-----END PGP SIGNATURE----- |