[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Torrenting GuixSD!
|
From: |
Andreas Enge |
|
Subject: |
Re: Torrenting GuixSD! |
|
Date: |
Wed, 25 Feb 2015 18:51:56 +0100 |
|
User-agent: |
Mutt/1.5.23 (2014-03-12) |
On Wed, Feb 25, 2015 at 10:32:50AM -0500, Mark H Weaver wrote:
> If we were to extend this argument to non-torrent downloads, then all
> of our downloads (source tarballs and images) should be tar files
> containing a signature bundled with the thing being signed. mit-krb5
> follows this policy with their source tarballs.
No, extending this argument to non-torrent downloads means that we should
advertise the signature next to the actual file. This holds on the gnu ftp
servers, where alphabetical ordering ensures they are next to each other.
And it usually holds on web sites. In both cases, there is almost no extra
effort for downloading the signature.
Alternatively in our case, since the torrent file also needs to be downloaded
from somewhere, it would make sense to put the signature file next to the
torrent file on the download site.
Andreas
- Torrenting GuixSD!, Polchi, 2015/02/13
- Re: Torrenting GuixSD!, David Thompson, 2015/02/13
- Re: Torrenting GuixSD!, Eric Bavier, 2015/02/13
- Re: Torrenting GuixSD!, Ludovic Courtès, 2015/02/23
- Re: Torrenting GuixSD!, Andreas Enge, 2015/02/23
- Re: Torrenting GuixSD!, Ludovic Courtès, 2015/02/25
- Re: Torrenting GuixSD!, Andreas Enge, 2015/02/25
- Re: Torrenting GuixSD!, Mark H Weaver, 2015/02/25
- Re: Torrenting GuixSD!,
Andreas Enge <=
- Re: Torrenting GuixSD!, Ludovic Courtès, 2015/02/25
- Re: Torrenting GuixSD!, Andreas Enge, 2015/02/25
Re: Torrenting GuixSD!, Andreas Enge, 2015/02/14