[packagekit] Signed packages again again

Robin Norwood rnorwood at redhat.com
Fri Nov 16 06:36:01 PST 2007

Richard Hughes <hughsient at gmail.com> writes:

> On Thu, 2007-11-15 at 18:17 -0500, Matthias Clasen wrote:
>> In the use-cases PK is designed for, all updates should be "trusted", no ?
> This is what I'm thinking also. If the user has installed a bad repo
> file then I think we've lost already.

Well, lost as in we need to provide a useful error message - "Repository
foo is providing package bar, which is not signed with trusted
<link to more info>

<remove repository>  <cancel>


Robin Norwood
Red Hat, Inc.

"The Sage does nothing, yet nothing remains undone."
-Lao Tzu, Te Tao Ching

More information about the PackageKit mailing list