Eric Sandall wrote:
> Jamie Lokier said:
> <snip>
> > Which is ok of course, but then the signatures don't match any more.
> <snip>
> > -- Jamie
>
> Why not get the signature from the .tar file, that way the compression
> method doesn't matter? This is how Source Mage does it's checking, we
> create and md5sum (and soon GPG) signature based on the uncompressed .tar
> file. This way, you can use any compression you want, even changing
> around the compression to your favourite one, and the signatures will
> always match. :)
(a) I use .gz for the patches not the tar files. But your point still applies.
(b) On something as large as a .tar, decompressing a bz2 file to check
the signature is really quite slow, compared with checking the
signature of the compressed file.
-- Jamie
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Mar 23 2003 - 22:00:31 EST