[pacman-dev] [arch-general] Package signing

[Aleksis Jauntēvs]

On Thursday 29 April 2010 00:37:34 Linas wrote:
> I wrote about this topic ~1 month ago.
> You don't need PKCis or distribute the keyrings themselves. GPG supports
> transitive trust.
> The pacman keyring would be installed by default trusting on whatever keys
> a pacman root signature has signed (there could also be a different master
> key for community developers).

This idea is certainly worth a try.

-- 
Alekss