[doap-interest] Auditing Releases
Stuart A. Yeates
syeates at gmail.com
Thu Aug 14 02:33:48 BST 2008
I'd be inclined to do this using a mime-typed label, such as:
<rdf:Description rdf:about="http://example.com/build-product-1.2.3.zip">
<rdfs:label mime-type="x-sha1-checksum">1234567890ABCDEF</rdfs:label>
</rdf:Description>
There is a "pgp-signature" mime-type already registered, if you are using that.
cheers
stuart
On Thu, Aug 14, 2008 at 9:34 AM, Robert Burrell Donkin
<robertburrelldonkin at blueyonder.co.uk> wrote:
> one of my interests is auditing open source releases. anditing and
> widely disseminating sums for released artifacts provides defense in
> depth against poisoning at source. for example,
> http://incubator.apache.org/audit/.
>
> i plan to add some RDFa instrumentation. if possible, i'd like to reuse
> vocabulary. so i wondered whether the DOAP community has any ideas/plans
> to extend it's release information to include checksums etc, or (if not)
> anyone else had any local conventions for this information.
>
> - robert
>
> _______________________________________________
> doap-interest mailing list
> doap-interest at lists.gnomehack.com
> http://lists.usefulinc.com/mailman/listinfo/doap-interest
>
More information about the doap-interest
mailing list