On 02/27/2014 02:00 PM, Marcela Mašláňová wrote:
Again, I don't how signing work. Mirek was discussing signing
some time ago. Couldn't we sign only packages, which will
make it into the repository? They don't have to be signed by copr, don't they?
Signing in Copr would means to create another instance of Sigul for Copr, which mean some
HW, update code (e.g. rebase
to pgp2), integrate it. That is dozen of weeks of work.
Or you can download the repo and sign pkgs manually. Which is one hour of work, but it is
occurring event.
Choose what you like more and for what you have resources :)
--
Miroslav Suchy, RHCE, RHCDS
Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys