[WBEL-devel] About the key files in rpm package
John Morris
jmorris@beau.org
Thu, 15 Jan 2004 19:17:29 -0600 (CST)
On Wed, 14 Jan 2004, aiic wrote:
> There are three key files in rpm-4.2.1.tar.gz : RPM-GPG-KEY, RPM-PGP-KEY and BETA-GPG-KEY.
>
> What's the use of them?
> What's the difference between RPM-GPG-KEY and RPM-PGP-KEY?
RPM-PGP-KEY is a legacy entry from when RH used PGP to sign packages
instead of GPG. PGP isn't Free Software.
> What's the use of BETA-GPG-KEY?
RedHat uses it to sign their betas. Such as Taroon-beta. Perhaps a
different team hatches the betas and doesn't have access to the master
release key.
> Have you replaced all of them in whitebox?
No, not in the rpm package. Whitebox keys are in whitebox-release and on
the root directory of the CD-ROM images.
> How did you do that?
Make a key pair with GPG and copy the public key over the RedHat keys.
--
John M. http://www.beau.org/~jmorris This post is 100% M$ Free!
Geekcode 3.1:GCS C+++ UL++++$ P++ L+++ W++ w--- Y++ b++ 5+++ R tv- e* r