Am Wed, 03 Feb 2010 20:41:34 +0200 schrieb Lauri Niskanen <ape@ape3000.com>:
I agree that peer trust network is a nice idea and that pgp keys might be unnecessary. AUR accounts are already authenticated by the web system and user can be easily coupled with the uploaded files.
You should be able to upload packages without any thrust status and also downloading and installing untrusted packages should be possible. There could be packages with trusted status, so the users wouldn't have that must packages to be checked by themselves.
This was previously implemented in and removed from AUR a long time ago. I guess there was a reason for this. I disagree that AUR needs additional moderators. That's what among others TUs are for, this is why they are called TUs, and they are doing this job really good. If you post something (deletion request, orphaning request etc.) to this mailing list it's usually done within a few minutes. Greetings, Heiko