[pacman-dev] [arch-general] Package signing
aleksis.jauntevs at gmail.com
Thu Apr 29 12:44:53 CEST 2010
On Thursday 29 April 2010 00:37:34 Linas wrote:
> I wrote about this topic ~1 month ago.
> You don't need PKCis or distribute the keyrings themselves. GPG supports
> transitive trust.
> The pacman keyring would be installed by default trusting on whatever keys
> a pacman root signature has signed (there could also be a different master
> key for community developers).
This idea is certainly worth a try.
More information about the pacman-dev