1 |
On Thu, Nov 11, 2004 at 01:11:15PM -0700 or thereabouts, Glen Combe wrote: |
2 |
> Kurt can you clarify this for me or give me more detail... on what you |
3 |
> mean what you say below? What is the more robust solution? I dont recall |
4 |
> reading it here? |
5 |
> |
6 |
> "The solution that Peter is requesting (generating hashes of files not |
7 |
> already hashed and then signing all Manifests/hashes) is considerably more |
8 |
> risky and is not something I will implement since we have a more robust, |
9 |
> better solution in the works already." |
10 |
|
11 |
It's been mentioned numerous times. The strategic approach to fixing this |
12 |
issue is taking the work we've already put into signed manifests and |
13 |
extending it to cover other files as well (eclasses, profiles, etc.) There |
14 |
is an open RFE bug for this and Jason (one of our portage devs) has already |
15 |
said they're working on it. |
16 |
|
17 |
--kurt |