On Tue, 2004-06-22 at 16:34 +0200, Nicolas Mailhot wrote: > Le mar, 22/06/2004 Ã 10:19 -0400, Dan Williams a Ãcrit : > > AFAIK this is the case. Packages that are part of a "release", ie > > Fedora Core x, or FCx Test x, are signed. Between releases, if a > > package gets revved over the signed version, it is unsigned until the > > next release. > > Yep, that is why I wrote a rawhide key would be great. > I don't mind (well, I do but I'm ready to pay this price) if my data is > eaten by a buggy rawhide package. But I'd really love to be sure I only > install Quality Rawhide Bugware and not malware someone injected in a > compromised mirror. There is rawhide key. However, it is not used properly :| The point here is more to be sure that we have the packages the developers intended us to have than of giving any warranty in as so far as integrity against trojans ! Rui
Attachment:
signature.asc
Description: This is a digitally signed message part
