Hi Karanbir, On Fri, 2011-06-03 at 16:02 +0100, Karanbir Singh wrote: > > And while I further know that the project wouldn't sign packages that > > I built here, I would still build packages here for my own purposes anyway. > > If the development process can churn via patches that get some sort of > peer review, I dont see why the build+sign cant happen inside a centos > builder instance. There is hardware for ia64/i586/sparc available. Keys > are still something to look at further down the road. I had exactly this in mind when I was advocating for keeping SPEC files and patches in git repositories ala git-buildpackage earlier on this list. Johnny might not find this kind of development workflow acceptable for himself, but I think that this could be quite an interesting option at least for the development efforts for the extra arches. For instance, you can have a stack of git repositories for packages needing a change, and those could be connected to some review board software, there are herds of those available for git. Finally, someone might flag packages as reviewed and build / sign them on CentOS hardware, or alternatively leads behind such efforts could be given access to some secondary signing keys which would be dedicated to signing packages for extra arches. This would also enable for easy import / backport of the updates to stay in sync with the main CentOS distribution. -- Sincerely yours, Yury V. Zaytsev