bwalton at opencsw.org
Sun Jul 10 03:21:52 CEST 2011
Excerpts from Ben Walton's message of Sat Jul 09 18:54:28 -0400 2011:
> Excerpts from Ben Walton's message of Sat Jul 09 14:46:20 -0400 2011:
> > p1 -> signal daemon -> d1 signs catalog -> p1 via some protocol
> Thinking further about this the request to sign the catalog should be
> http to a restful server. This would lend itself especially well to
> p1 doing the handling.
> Something like: GET /sign/unstable/i386/SUnOS5.9/
> And the result is either a 200 response with the appropriate signature
> or some 4xx code, etc.
I've implemented a basic proof of concept that can return both a
clearsigned file and a detached signature for the same file based on
the requested url...
It would need lots of work on the gpg agent front still, but the
basics are in place if this turns out to be worthwhile.
Systems Programmer - CHASS
University of Toronto
C:416.407.5610 | W:416.978.4302
More information about the maintainers