[pacman-dev] Signing by default (was: [PATCH] Add Keyring/--keyring option in alpm/pacman)

Dan McGee dpmcgee at gmail.com
Tue Jun 3 12:53:46 EDT 2008

On Tue, Jun 3, 2008 at 11:45 AM, Pierre Schmitz <pierre at archlinux.de> wrote:
> Am Dienstag 03 Juni 2008 13:54:48 schrieb Dan McGee:
>> Keep in mind that this is
>> 1. An Arch decision, not a pacman decision
>> 2. A policy decision, not something that should be enforced by pacman code
>> Enforcing this at the Arch-specific dbscripts level would be OK, but I
>> don't think it is wise to force makepkg/pacman to sign all packages,
>> especially those that are built for local use only. Some people don't
>> have PGP keys so this would be a pain in the ass.
> Of course that's what I meant. This shouldn't be force by pacman or makepkg.
> And yes, we need to discuss this at arch-dev when that feature is be ready to
> use.

OK, cool- just wanted to make sure we are on the same page. I'm
looking forward to seeing this signing thing actually go forward. It
is good to see someone getting involved with pacman on something like


More information about the pacman-dev mailing list