From owner-freebsd-ports-bugs@FreeBSD.ORG  Sun Feb 29 12:21:47 2004
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id AA5DC16A4CE; Sun, 29 Feb 2004 12:21:47 -0800 (PST)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id A2B8143D2D; Sun, 29 Feb 2004 12:21:47 -0800 (PST)
	(envelope-from eik@FreeBSD.org)
Received: from freefall.freebsd.org (eik@localhost [127.0.0.1])
	i1TKLlbv016445;	Sun, 29 Feb 2004 12:21:47 -0800 (PST)
	(envelope-from eik@freefall.freebsd.org)
Received: (from eik@localhost)
	by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i1TKLl7q016441;
	Sun, 29 Feb 2004 12:21:47 -0800 (PST)
	(envelope-from eik)
Date: Sun, 29 Feb 2004 12:21:47 -0800 (PST)
From: Oliver Eikemeier <eik@FreeBSD.org>
Message-Id: <200402292021.i1TKLl7q016441@freefall.freebsd.org>
To: jharris@widomaker.com, eik@FreeBSD.org,
	freebsd-ports-bugs@FreeBSD.org
Subject: Re: ports/63546: ports/security/libprelude - fetch PGP signature
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>,
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>,
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Feb 2004 20:21:47 -0000

Synopsis: ports/security/libprelude - fetch PGP signature

State-Changed-From-To: open->closed
State-Changed-By: eik
State-Changed-When: Sun Feb 29 21:13:54 CET 2004
State-Changed-Why: 
Thanks for your efforts, I like to see PGP support in the ports tree, but:

- this is not a matter of a single port
- some people do not want to fetch distfiles they don't need
- this should be more semi-automatic, like HAS_PGPSIGNATURE and `make pgpcheck'
- this interferes with PR 60558, since you can't simply add USE_GPG/PGP to the Makefile,
  you'll have to correct DISTFILES for that.

IMHO it would be better to come up with a general scheme how PGP signature
verification of distfiles could work instead of simply fetching them, which
just wastes space and doesn't increase security.

http://www.freebsd.org/cgi/query-pr.cgi?pr=63546