From kde-devel  Wed May 26 15:25:48 2010
From: Arno Rehn <arno () arnorehn ! de>
Date: Wed, 26 May 2010 15:25:48 +0000
To: kde-devel
Subject: Re: digital signatures for kde sources?
Message-Id: <201005261725.48833.arno () arnorehn ! de>
X-MARC-Message: https://marc.info/?l=kde-devel&m=127489075102389

On Wednesday 26 May 2010 14:57:51 Jonathan Raphael Joachim Kolberg wrote:
> Am Dienstag 25 Mai 2010 21:01:56 ſchrieb Andreas Pakulat:
> > What do you mean with digital signatures? KDE doesn't sign its sources
> > with gpg or something else.
> 
> Wouldn’t that make seanse, so you can verify the sources you are compiling?
Couldn't you just checkout the appropiate tag from KDE's svn repository, using 
svn+ssh? You're connection would then be secure and SVN commits themselves are 
constantly checked by people watching the kde-commits ML.

-- 
Arno Rehn
arno@arnorehn.de
 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<