On Thu, 4 Nov 2004, Peter Jones wrote:

> My model is that the signature is more than just a gpg signature.
> Conceptually, it's a signature on a certificate with data that specifies
> exactly which ways the package may be trusted. One could actually
> implement it that way, which I think we should, but it's some
> significant effort.

Yeah - but we don't have that right now. The thing we are debating is - why signing 'rawhide' with a gpg key is wrong.

> The specific proposal here was that when you *don't* mean the things
> that people infer from a signed package, don't sign the package.

You mean Axel, Dag shouldn't sign the packages they distribute (because that would imply it's equally trustworthy as redhat-certified).

And according to your model - if I were to distribute signed/unsigned packages - the expectation for unsigned is different (can eat data), but signed is different (extremely stable).

The question is: How does your user know that the package I distributed is signed with a gpg key?

Satish