archive_sites in Portfiles
jeremy at lavergne.gotdns.org
Fri Jan 7 21:02:56 PST 2011
> As another problem, if we use keys for each maintainer, how do we make sure none of the private keys will ever be compromised (carrying around on mobile devices, tiresome typing of a passphrase, etc.)? I might be a little bit paranoid on this, but we have to consider the weakest link here.
We already trust the port maintainers to not submit trojans in their ports.
> It's not about the distribution on an external server, but in which way the archive was created.
Why can't maintainers offer their archives alongside the ones from MacPorts' MPAB?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3749 bytes
Desc: not available
More information about the macports-dev