On Wed, 3 Dec 2003 12:08:10 +0100, Matthias Urlichs said: >> signature algorithm would allow for hashing the data on the remote >> machine, and signing that hash locally. >> > ... that would work. It'd probably require a few hooks within GPG > to generate a hash packet / .
Since I moved my actual development to faster machines I now always need to copy the tarballs to the box where I can sign them and this is not very convenient. Obviously, I thought about such a solution too. There are some minor problems because we don't just sign a hash but need to add some more data. Creating an incomplete hash on the remote machine is not the cleanest solution, so I have to come up with a better way. Werner -- Werner Koch <[EMAIL PROTECTED]> The GnuPG Experts http://g10code.com Free Software Foundation Europe http://fsfeurope.org
