Bill Nottingham wrote:
Jesse Keating (jkeating@xxxxxxxxxxxxxxx) said:
As for signing packages, I do believe they are signed.
Generally, in rawhide, packages are signed as follows:
Key 4F2A6FD2:
If they are directly inherited from:
- the previous major release
- updates for the previous major release
Key 30C9ECF8:
If they are directly inherited from:
- a test release
- test updates for the previous major release (shouldn't happen)
Packages that don't fall into these categories will not be signed.
Why not sign all packages distributed by redhat/fedora? Signing packages
only serves to guarantee the origin of the package not its fitness for
use. I think i had to disable key checking awhile back in yum because i
couldnt install the new packages in rawhide (well i assume they were new
packages based on your feedback above). If you would like to add another
key for these packages i think that would be fine but i personally think
that a "gold fedora key" and a "silver fedora key" are enough to
demonstrate the release status of a package. -mf
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list