| From: | "Marc G(dot) Fournier" <scrappy(at)hub(dot)org> |
|---|---|
| To: | Neil Conway <neilc(at)samurai(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PGP signing releases |
| Date: | 2003-02-03 02:23:14 |
| Message-ID: | 20030202222122.E16840@hub.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, 2 Feb 2003, Neil Conway wrote:
> Folks,
>
> I think we should PGP sign all the "official" packages that are provided
> for download from the various mirror sites. IMHO, this is important
> because:
>
> - ensuring that end users can trust PostgreSQL is an important part to
> getting the product used in mission-critical applications, as I'm sure
> you all know. Part of that is producing good software; another part is
> ensuring that users can trust that the software we put out hasn't been
> tampered with.
right, that is why we started to provide md5 checksums ...
> I'd volunteer to do the work myself, except that it's pretty closely
> intertwined with the release process itself...
well, if you want to tell me the steps, I'll consider it ...
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Lamar Owen | 2003-02-03 02:40:25 | Re: PGP signing releases |
| Previous Message | Curt Sampson | 2003-02-03 01:37:38 | Re: pg_hba.conf hostmask. |