How to sign a remote repository, i.e. forward agent
carsten.aulbert at aei.mpg.de
Wed Jun 30 19:33:41 CEST 2010
On Wednesday 30 June 2010 19:06:58 Daniel Kahn Gillmor wrote:
> Does this workflow work for you? if not, why not?
I've thought about that, but these repos are a shared effort where the secret
key is also shared by four trusted people - thus there is a source for race
conditions - albeit the repos are not really that heavily used.
Thus maybe I should consider doing a 2-way sync:
let other people do their work and include their packages, rsync to my local
machine, sign/export, rsync again to remote site - downside could be that I'm
from time to time on very slow networks.
(other alternative is of course to rise to the benevolent dictator and just
accept new packages by other users and include those myself and use your work
So, maybe my question was just a very theoretical one :)
Thanks for the reply
More information about the Gnupg-users