Packages siginig

[comtihon]

Packages should be signed, when loading to a remote cache.
Sign should be checked, when downloading them.

[comtihon]

Option1: use simple package's hash
On client side:

• enot should be able to calculate package.ep hash
• dep can be specified by name/namespace and hash (instead of tag/branch)
• after downloading package hash should be checked

On server side:

• enot builder should calculate hashes of packages and store in the database
• enot builder should be able to find and render package by it's name/namespace and hash