On Wednesday 26 May 2010 14:57:51 Jonathan Raphael Joachim Kolberg wrote:
> Am Dienstag 25 Mai 2010 21:01:56 ſchrieb Andreas Pakulat:
> > What do you mean with digital signatures? KDE doesn't sign its sources
> > with gpg or something else.
> 
> Wouldn’t that make seanse, so you can verify the sources you are compiling?
Couldn't you just checkout the appropiate tag from KDE's svn repository, using 
svn+ssh? You're connection would then be secure and SVN commits themselves are 
constantly checked by people watching the kde-commits ML.

-- 
Arno Rehn
arno@arnorehn.de
 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<