Les Mikesell <lesmikesell <at> gmail.com> writes: > But what if > it is the src rpm that is compromised so the builds will be identical > because they both contain the modification? That is not exactly the compromise of the build system and/or Fedora key, now is it? If your own contributors are subverting the system by uploading borked source, the mutli-key system isn't going to help (and I never claimed that). For people that are not convinced in the usefulness of this (in principle), go the a bank and try to open an account. See if they'll be OK with you producing just one piece of ID. -- Bojan -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
