Received: from mail.cmpwn.com (mail.cmpwn.com [45.56.77.53])
	by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id C80A4781A8D
	for <~alpine/devel@lists.alpinelinux.org>; Mon, 30 Dec 2019 18:01:47 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cmpwn.com; s=cmpwn;
	t=1577728906; bh=7JeBeF/7LdIJK4bPRfhP8LJjOVMHiO+SzX/1Im2cSBM=;
	h=In-Reply-To:Date:Cc:Subject:From:To;
	b=WhsMlrFqarsMUZF/p7EFYHkIDWwjLsI/6ak6SL5YepeYnIhwBXtRPTNwb9o3wwK0y
	 ywiAY+w2DbUf/1x955oCXB9VVAi1Pe9+wlSH5CyftKtCt6qdyNuJeTxabxyhyq+PuM
	 bqWdRIo0wcBBZm4zEJzEQH56zHug/MW0WZhiSY4M=
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8
In-Reply-To: <34cd93c2ddfb985c29b3b74862c9e71945a34954.camel@cogitri.dev>
Date: Mon, 30 Dec 2019 13:00:34 -0500
Cc: "Timo Teras" <timo.teras@iki.fi>, <~alpine/devel@lists.alpinelinux.org>
Subject: Re: new package format and repository layout changes
From: "Drew DeVault" <sir@cmpwn.com>
To: "Rasmus Thomsen" <oss@cogitri.dev>, "Kevin Daudt"
 <kdaudt@alpinelinux.org>
Message-Id: <BZIY70GY8LED.6O9B0FCA816L@homura>

I'm not sure where in the thread this was originally mentioned, but -1
to signing the repository name - i.e. main, community, edge, etc.

The source of the package is unimportant if its content can be verified
with the signature. The ability to freely move signed packages between
repos without re-signing them is desirable to me. Note as well that we
do not sign the name of the mirror the package came from, despite
arguably qualifying as some kind of metadata about the package.