[Dev] Package signing policy

Nicolás Reynolds fauno at kiwwwi.com.ar
Wed Dec 21 17:00:42 GMT 2011

On Mon, 5 Dec 2011 16:40:12 -0300, Nicolás Reynolds <fauno at kiwwwi.com.ar> wrote:
> Hi, I've asked angvp from Arch about the package signing policy that Arch will
> have. Apparently nothing's decided yet, but they're implementing this:
> * There will be 5 "master keys" from 5 notorious Arch devs
> * A packager key must be signed for at least 3 of the master keys to upload
>   packages
> * This policy will be coded in dbscripts 
> * Pacman does other stuff
> * Keys would be signed by other Arch packagers
> Disclaimer: this is my own interpretation of what angvp told me ;)
> He'll document himself a little more to give us information. But I think now is
> the moment to define our own package signing policy.
> IMO they should be simple and democratic :D

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20111221/e5fd0988/attachment.sig>

More information about the Dev mailing list