| 1 |
So I'm not going to directly attach the GLEPs again this time, however |
| 2 |
I am just going to link to them, and summarize the changes: |
| 3 |
|
| 4 |
xx+1: |
| 5 |
- Add mention of how to defeat the mirror replay attacks from Stork@UArizona. |
| 6 |
- Clarify wording of the UNCOVERED=ALL-COVERED set math, and why it's |
| 7 |
important (genone) |
| 8 |
- Add a timestamp to the metamanifest. |
| 9 |
- Mention that it can be implemented without the new Manifest2 |
| 10 |
filetypes. |
| 11 |
|
| 12 |
xx+5: |
| 13 |
- Update the exclusion lists. |
| 14 |
- Exclusion list behavior during strict validation. |
| 15 |
- Fix typos. |
| 16 |
|
| 17 |
prototype/generate-metamanifest.py: |
| 18 |
- Prototype of the MetaManifest generation. |
| 19 |
- Doesn't sign yet, but does include the timestamp. |
| 20 |
- Uses existing Manifest2 types. |
| 21 |
- See header for existing runtime info - it's quite fast. |
| 22 |
|
| 23 |
http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/ |
| 24 |
|
| 25 |
I'd like to ask for any comments to be in to me by July 14th 23:59UTC. |
| 26 |
After that I'd like to post the GLEPs to the gentoo-dev mailing list. |
| 27 |
|
| 28 |
-- |
| 29 |
Robin Hugh Johnson |
| 30 |
Gentoo Linux Developer & Infra Guy |
| 31 |
E-Mail : robbat2@g.o |
| 32 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |
Archives