[packagekit] Signed packages again again

David Zeuthen david at fubar.dk
Thu Nov 15 15:25:36 PST 2007

On Thu, 2007-11-15 at 18:19 -0500, David Zeuthen wrote:
> PK can of course just say "not our problem, we only want to install
> trusted packages, get the repo to sign the packages and make sure the
> GPG keys are installed (= trusted)" but then PK is just not going to be
> useful to a lot of people.... Just look at how often stable Fedora
> updates repos ship unsigned packages... 

Or maybe we can punt this; I mean, thinking more about it.. it is a
special case and this can be added later... yes?


More information about the PackageKit mailing list