Bojan Smojver <bojan <at> rexursive.com> writes: > Say there are 10 signatories in the pool. Yum would check that: > > - the package is signed with the Fedora key > - the package is signed by at least N (say 2) other keys from the pool > - failing the above, it would not accept the package Just for completeness, yum could alternatively accept say 5 keys from the pool (but no Fedora key), so that any compromise of the central key does not cause the current "change the Fedora key" hoopla. Simply resign by others and continue. -- Bojan -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
