28 Nov
2016
28 Nov
'16
09:29
On Monday 2016-11-28 09:34, Mathias Homann wrote:
Am Montag, 28. November 2016, 05:40:54 CET schrieb Bernhard M. Wiedemann:
when building RPMs in OBS, each of them is signed with a private key that is kept somewhere in the OBS infrastructure. But it occurred to me, that this might not actually be needed because we sign repository metadata
Lastly, people can always manually download and install packages without adding the repositories.
This is where I need to point out the unsafety of the Debian package format :-) -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org