[arch-general] pacman security when importing new keys?
Daniel Micay
danielmicay at gmail.com
Tue Feb 10 20:43:15 UTC 2015
On 10/02/15 09:33 AM, Dennis Lange wrote:
> Ah ok, importing a key != trusted key.
> Only to get things sorted. Why I need to accept the import of a key
> manually?
They're a new Trusted User and a new archlinux-keyring release with
their key hasn't been released. The trust comes from the fact that it
has been signed by 3+ master keys though - you should not be marking
trust yourself unless you actually want to mark some third party
packagers as trusted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20150210/06896052/attachment.asc>
More information about the arch-general
mailing list