[pacman-dev] [arch-general] Package signing
daenyth+arch at gmail.com
Wed Apr 28 23:44:10 CEST 2010
On Wed, Apr 28, 2010 at 17:37, Linas <linas_fi at ymail.com> wrote:
> I wrote about this topic ~1 month ago.
> You don't need PKCis or distribute the keyrings themselves. GPG supports
> transitive trust.
> The pacman keyring would be installed by default trusting on whatever keys
> a pacman root signature has signed (there could also be a different master
> key for community developers).
This sounds like the best solution proposed so far. +1
More information about the pacman-dev