Hi, in their current state makepkg and repo-add have built-in functions to sign packages or the repo database. Unfortunately we wont be able to use neither of these in Arch Linux. That also means that this functionality needs to be reimplemented in devtools and dbscripts. We cannot let makepkg sing the packages because we built packages in a chroot environment that may even be on a different host than the packages key. The situation with repo-add is even more complicated as we'll need to sign a file with a key which are on different hosts. (I was told this might be doable using ssh-/gpg-agent) However, my point is that it would be nice to have separate scripts to sign a package and database file. This way we could use it like this: chroot makepkg signpkg Greetings, Pierre -- Pierre Schmitz, https://users.archlinux.de/~pierre