Hi, > In the end, we decided to have a signing service which will construct > a source package based on a "template" package and a list of files to > sign and upload this to be processed by the normal buildd and dak > processes. The signing service will also have an audit log which makes > it public what was signed and when.
I'm curious how this works. * source package was modified to generate <package>-$ARCH-signed-template binary package * dput it to repo and dak would pass to code sign service? * sign binary package?? Please let know it or give an URL for it to help me to understand it, since I want to explain it on an article on Japanese tech magazine. -- Regards, Hideki Yamane henrich @ debian.org/iijmio-mail.jp
