Re: An idea.... (Was: debfind.net (was: GNOME-HELIX))

To: debian-devel@lists.debian.org
Subject: Re: An idea.... (Was: debfind.net (was: GNOME-HELIX))
From: Itai Zukerman <zukerman@math-hat.com>
Date: 30 Jun 2000 12:20:28 -0400
Message-id: <[🔎] 87itur3zub.fsf@matt.w80.math-hat.com>
In-reply-to: "Oliver Elphick"'s message of "Fri, 30 Jun 2000 15:50:09 +0100"
References: <[🔎] 200006301450.e5UEoAC27241@linda.lfix.co.uk>

> I think that this approach would help to discourage non-Debian archives,
> because apt would warn "This is not signed by a Debian maintainer".

If we could distinguish between official Debian packages and "other"
packages and guarantee that Debian packages only (build-, etc.)
depended on other Debian packages, then I don't see the harm in having
lots of random .deb repositories lying around.  Name-space collisions
are bound to happen, but not if you stick with Debian packages.

In fact, I'd like to see a database of such .deb repositories
maintained somewhere (perhaps even at debian.org).

The BTS would, of course, only apply to Debian packages.

I'm sure we can think of ways to promote making Debian over
"other" packages, such as the warning above, the BTS, etc.

I'm not sure what would be involved in verifying that a .deb was
officially Debian, probably something to do with signing something
with the maintainer's key (but in such a way that the auto-builders
still work).  Ideas?

-itai

Reply to:

References:
- Re: An idea.... (Was: debfind.net (was: GNOME-HELIX))
  - From: "Oliver Elphick" <olly@lfix.co.uk>

Prev by Date: Re: Debian Critical Mass
Next by Date: Re: Debian Critical Mass
Previous by thread: Re: An idea.... (Was: debfind.net (was: GNOME-HELIX))
Next by thread: Re: An idea.... (Was: debfind.net (was: GNOME-HELIX))
Index(es):
- Date
- Thread