[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

public keys for cvs use on the mirrors?



I have the feeling I'm sticking my foot in my mouth, but I have one of
those enquiring minds.

Following the advice in the anoncvs faq, I tried 

   cvs checkout -P src

I have a the jp.openbsd.org mirror set as CVSROOT, and it comes back and
tells me that it doesn't know this server. First time, not surprising.
And it gives me an RSA summary, and asks me whether to connect anyway. 

I'm not really expecting there to be any spoofing going on here, but I'm
analytic-compulsive enough to want to verify. Just for the practice,
maybe. 

Do the mirrors all have master lists of each others' public keys or
whatever for verification? Can they for instance be verified visually
over http?

-- 
Joel Rees <joel_(_at_)_alpsgiken_(_dot_)_gr_(_dot_)_jp>