[arch-general] Pacman Database Signatures
eschwartz at archlinux.org
Wed Feb 5 03:55:18 UTC 2020
On 2/2/20 4:59 PM, Christopher W. via arch-general wrote:
> Hi. The wiki states that database signatures for pacman are currently
> a work in progress. It's been that way for a long time, so I assume
> there is no "progress" happening. What is currently in the way of this
> much-needed security feature to be fully implemented?
As Levente said, this is supported by pacman, but not by Arch Linux --
and the reason for the latter is that it is complicated to come up with
a signing scheme which everyone is happy with. It needs to support
remote server signing by any of 74 different authorized individuals.
Hopefully there will be wonderful news soon. In the meantime, I for one
make sure that my personal repository hosted on https://pkgbuild.com
includes database signatures.
Bug Wrangler and Trusted User
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1601 bytes
Desc: OpenPGP digital signature
More information about the arch-general