On Tue, Oct 25, 2011 at 11:15 AM, Steve Holmes <steve.holmes88@xxxxxxxxx> wrote: > On Tue, Oct 25, 2011 at 03:00:50PM +0200, fredbezies wrote: >> In /etc/pacman.conf, uncomment : >> >> SigLevel = Optional TrustAll > > Yeah, I saw that and understand that is appropriate for local > packages. But now that I uncomment it, what if I want to tighten up > the sig tests in the future. How does one correct the errors. In > this current situation, it appears that this signature verification > stuff doesn't work. What am I missing? > > At least at the moment, I can go ahead and upgrade these 126 > packages:). If you want to tighten up, you should use TrustedOnly, instead of TrusAll. That would only consider as valid a signature whose key is present in pacman's keyring and also either signed explicitly by you or trusted by a key from someone you already trusts. The latter is what OpenPGP calls Web of Trust (you can read about it on the web, it's a very interesting subject) I didn't understand what you mean by "correct the errors" and "signature verification stuff doesn't work". Would you mind to elaborate on that? -- A: Because it obfuscates the reading. Q: Why is top posting so bad? ------------------------------------------- Denis A. Altoe Falqueto Linux user #524555 -------------------------------------------
