[Mageia-discuss] How did i tell to urpmi.addmedia that a repo not have pubkey?

Johnny A. Solbu cooker at solbu.net
Sat May 26 19:29:41 CEST 2012

On Saturday 26 May 2012 19:14, José Alberto Valle Cid wrote:
> we are not signing the packages

Why not?
Signing is the only way for your users to verify that the packages actually comes from you, and haven't been tampered with.
I would not use any repo which didn't use signatures, and I suspect I'm not alone in this.

Johnny A. Solbu
PGP key ID: 0xFA687324
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/mageia-discuss/attachments/20120526/f6cadf4b/attachment.asc>

More information about the Mageia-discuss mailing list