[Mageia-discuss] How did i tell to urpmi.addmedia that a repo not have pubkey?
dglent at gmail.com
Sat May 26 21:03:03 CEST 2012
Στις 26/05/2012 18:29:41 Johnny A. Solbu έγραψε:
>On Saturday 26 May 2012 19:14, José Alberto Valle Cid wrote:
>> we are not signing the packages
>Signing is the only way for your users to verify that the packages actually comes from you, and haven't been tampered with.
>I would not use any repo which didn't use signatures, and I suspect I'm not alone in this.
It is nt very hard to sign packages and it is essential. However, if someone wants to install unsigned rpm he has to be able to do it in his responsibility
More information about the Mageia-discuss