First community release
Perry Myers
pmyers at redhat.com
Wed Nov 30 13:54:50 UTC 2011
On 11/30/2011 06:41 AM, Doron Fediuck wrote:
> WRT-
> Signing: Who should sign tarballs?
>
> We should KISS (keep it standard & simple...) ie-
>
> 1. All tarballs should have md5 / other hash published
> in the downloads page and possibly a hash file with the tarball.
>
> 2. Each distro will sign its packages in its own means,
> such as signing key, certificate, etc.
+1
Though for the case of oVirt Node, since the ISO isn't in Fedora
officially, all we will provide is the md5 of the ISO itself.
Perry
More information about the Arch
mailing list