[rb-general] Change front page definition
Holger Levsen
holger at layer-acht.org
Mon Apr 22 16:48:03 CEST 2019
Hi David,
thanks for persisting on this. Directly commenting on your proposal:
On Thu, Apr 18, 2019 at 05:03:18PM -0400, David A. Wheeler wrote:
> A build is reproducible if given the same source code, build environment,
> and build instructions, any party can independently verify all specified
> artifacts it produces (e.g., executables) by recreating bit-by-bit identical
> copies.
It might be non-obvious from where those copies are coming from, or IOW
that the hashes of these sources are part of the build instructions.
> Reproducible builds help counter both unintentional errors and
> malicious builds.
they also help with many other things, so I think at the least the word
'both' is misleading here.
> The reproducible builds project is developing a set of
maybe not 'a set' but rather 'sets'? atm we are also still actively
prototyping, so sometimes we currently have several solutions/prototypes
for one issue. (and sometimes thats entirely appropriate, but mostly not
I'd say.)
> recommended software development practices and tools to enable all builds
> to be reproducible.
--
tschau,
Holger
-------------------------------------------------------------------------------
holger@(debian|reproducible-builds|layer-acht).org
PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.reproducible-builds.org/pipermail/rb-general/attachments/20190422/1e36f91c/attachment.sig>
More information about the rb-general
mailing list