Bug#874029: uscan: please support signature file containing list of signatures
Jérémy Lal
kapouer at melix.org
Sat Sep 2 18:19:15 UTC 2017
2017-09-02 19:54 GMT+02:00 James McCoy <jamessan at debian.org>:
> On Sat, Sep 02, 2017 at 09:58:43AM +0200, Jérémy Lal wrote:
> > The typical example i have under the hand is:
> > https://nodejs.org/dist/v6.3.1/
> > https://nodejs.org/dist/v6.3.1/SHASUMS256.txt
> > https://nodejs.org/dist/v6.3.1/SHASUMS256.txt.asc
>
> The subject confused me a bit. This appears to be a list of the hashes
> of each file, and this list of hashes is signed. That's quite different
> than the current signature handling, which expects a signature of the
> archive and verifies the archive against that signature.
>
Indeed ! Hence the feature request !
Jérémy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/devscripts-devel/attachments/20170902/54825299/attachment.html>
More information about the devscripts-devel
mailing list