[Mageia-discuss] How did i tell to urpmi.addmedia that a repo not have pubkey?

[Dimitrios Glentadakis]

Στις 26/05/2012 18:29:41 Johnny A. Solbu έγραψε:
>On Saturday 26 May 2012 19:14, José Alberto Valle Cid wrote:
>> we are not signing the packages
>
>Why not?
>Signing is the only way for your users to verify that the packages actually comes from you, and haven't been tampered with.
>I would not use any repo which didn't use signatures, and I suspect I'm not alone in this.
>
>

+1

It is nt very hard to sign packages and it is essential. However, if someone wants to install unsigned rpm he has to be able to do it in his responsibility

-- 
Dimitrios Glentadakis