GNU bug report logs - #17625
details of package signing mechanism

Previous Next

Full log

Message #152 received at 17625 <at> debbugs.gnu.org (full text, mbox):

From: Ted Zlatanov <tzz <at> lifelogs.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: Stefan Monnier <monnier <at> iro.umontreal.ca>, 17625 <at> debbugs.gnu.org
Subject: Re: bug#17625: 24.4.50;
 All installed packages marked "unsigned", no archive listed
Date: Tue, 30 Sep 2014 14:19:34 -0400

On Tue, 30 Sep 2014 11:46:46 -0400 Stefan Monnier <monnier <at> iro.umontreal.ca> wrote: 

>> I am, but looked in the trunk for this file. I didn't expect you'd put
>> the keyring only in the emacs-24 branch.  Why keep it out of trunk?
>> Users there won't know to look in emacs-24.

SM> For those who haven't followed Emacs's development over the last
SM> 5 years: changes that should go into the release are made *only* to the
SM> release branch, which is then merged every once in a while into trunk.

On Tue, 30 Sep 2014 17:24:19 +0300 Eli Zaretskii <eliz <at> gnu.org> wrote: 

EZ> Everything in the emacs-24 branch gets merged to the trunk shortly.

Thanks, Eli. Stefan, I have done what I can to keep up with Emacs
development over the last few years and AFAICR have always tracked and
committed to the trunk. I'll keep your note in mind for the future.

>> They have to attempt an install.  That's why I suggested the "Verify" button.

SM> A verify button would only make sense if we exposed the "download" and
SM> the "install" as two separate steps, so the user could then "verify"
SM> between those two steps.

You're right.

Ted

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.