Hello everybody, (As I am not allowed to post to arch-dev-public resending it here.) ok, not really related to the keyring package, but it came to my mind when installing it and while signing the key: I think it makes sense to not allow pages related to package signing being delivered via http. Instead automatically redirect to https to avoid man in the middle attacks. First site that comes to my mind: https://www.archlinux.org/master-keys/ -- Best regards, Chris O< ascii ribbon campaign stop html mail - www.asciiribbon.org
