----Message d'origine----
>A: pgadmin-hackers@postgresql.org
>De: Troels Arvin <troels@arvin.dk>
>Sujet: Re: [pgadmin-hackers] 1.2.0 Gold uploaded
>Date: Wed, 01 Dec 2004 11:44:31 +0100
>
>On Wed, 01 Dec 2004 10:01:10 +0100, Troels Arvin wrote:
>
>> GPG signatures can be added to existing RPMs. See the "--addsign" rpm
>> parameter.
>
>By the way: It would be nice if Dave's signature were used, as is the case
>for the source tar-balls. Dave: Do you have RPM on your system? - Could
>you add signatures to the RPM files?
mmmh, I'm not sure it's a good solution...
How could Dave be sure that the RPMs he is signing are really the right ones (<thinking while writing>A signed mail
fromDevrim with MD5s in it would suffice for Dave</thinking while writing>). IMHO it's the packager responsibility to
signits own work and not the project coordinator responsibility.
Devrim, maybe you should take time to sign major releases and let snapshots live unsigned.
Regards,
Raphaël