[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Tue 04 May 2010 @ 08:59:01 zulu, Michael Schwendt scribed:
> And those checksums are independent from the GPG signature
> (here done with key ID a109b1ec). That means, you can sign the
> package with a different key and still get the same internal RPM
> checksums. Only the file's checksum will differ, and that's the
> one that enters the repodata.

I don't see what that proves, since all the other files appear to have been
signed with key ID a109b1ec, too. So, why would the checksums in the
repodata's primary.xml files be wrong for only those debuginfo packages?

users mailing list
[email protected]
To unsubscribe or change subscription options:

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux