ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Geuer-Pollmann <maill...@nue.et-inf.uni-siegen.de>
Subject Re: Cryptographic Hash function from ant
Date Thu, 11 Apr 2002 21:34:22 GMT
--On Donnerstag, 11. April 2002 13:50 +0200 Stefan Bodewig 
<bodewig@apache.org> wrote:
> On Wed, 10 Apr 2002, Christian Geuer-Pollmann
>> BTW, is this XML Signature functionality interesting for you?
>
> I'm not familiar with it, could you explain in what way it may be
> interesting for Ant?

Well, if you look at signed JAR archives, the person who downloads and 
executes a Java program stored in a JAR can verify who's the software 
vendor of this archive. If you look at distributing software on the apache 
site, many projects do use PGP to sign the ZIP files for binary and source 
distros. Incorporating XML Signatures into ant make files would enable an 
ant built run to verify the integrity of the whole distribution; not only 
after downloading the software from the web but each time an ant run is 
started.

Depends on the scenario whether a project needs such kind of security or 
not.

Regards,
Christian

--
To unsubscribe, e-mail:   <mailto:ant-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:ant-dev-help@jakarta.apache.org>


Mime
View raw message