A few more questions to consider: 1. do we also want to generate (and expose) signatures for source uploads, or just the binary files? 2. since we're exposing the computed signature for verification purposes, we need to document how to recompute the signature on the device itself, correct?
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1330770 Title: click packages rely upon tls for integrity and authenticity To manage notifications about this bug go to: https://bugs.launchpad.net/software-center-agent/+bug/1330770/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
