1 |
So I'm not going to directly attach the GLEPs again this time, however |
2 |
I am just going to link to them, and summarize the changes: |
3 |
|
4 |
xx+1: |
5 |
- Add mention of how to defeat the mirror replay attacks from Stork@UArizona. |
6 |
- Clarify wording of the UNCOVERED=ALL-COVERED set math, and why it's |
7 |
important (genone) |
8 |
- Add a timestamp to the metamanifest. |
9 |
- Mention that it can be implemented without the new Manifest2 |
10 |
filetypes. |
11 |
|
12 |
xx+5: |
13 |
- Update the exclusion lists. |
14 |
- Exclusion list behavior during strict validation. |
15 |
- Fix typos. |
16 |
|
17 |
prototype/generate-metamanifest.py: |
18 |
- Prototype of the MetaManifest generation. |
19 |
- Doesn't sign yet, but does include the timestamp. |
20 |
- Uses existing Manifest2 types. |
21 |
- See header for existing runtime info - it's quite fast. |
22 |
|
23 |
http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/ |
24 |
|
25 |
I'd like to ask for any comments to be in to me by July 14th 23:59UTC. |
26 |
After that I'd like to post the GLEPs to the gentoo-dev mailing list. |
27 |
|
28 |
-- |
29 |
Robin Hugh Johnson |
30 |
Gentoo Linux Developer & Infra Guy |
31 |
E-Mail : robbat2@g.o |
32 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |