[pacman-dev] Public Keys
Christian Hesse
list at eworm.de
Sun Aug 21 03:29:07 EDT 2011
Allan McRae <allan at archlinux.org> on Sun, 21 Aug 2011 08:33:51 +1000:
> On 21/08/11 07:36, Eric Bélanger wrote:
> > On Sat, Aug 20, 2011 at 4:56 PM, Christian Hesse<list at eworm.de> wrote:
> >> I've installed pacman-git on a test machine to play with package signing.
> >> Since today some packages in [core] and [extra], perhaps others, are
> >> signed. I found two keys on public key servers, the third one is still
> >> missing. The key in question was used to sign xfdesktop.
> >>
> >> Is there any official place I can find keys that are used to sign Arch
> >> packages? Or did I miss anything else?
> >
> > The keys are currently in the profiles:
> >
> > http://www.archlinux.org/developers/
> > http://www.archlinux.org/trustedusers/
> >
> > There's probably gonna be another way (I think it's going to be a
> > package) to get them once everything is setup.
I read pacman-dev, so I know abount the planned package. On the other hand I
was shure there is non till now.
Thanks for the links!
> Note that some packages are currently signed by keys that are not
> actually publicly posted anywhere so you are screwed trying to verify
> them...
Tobias Powalowski is still missing...
> Using "SigLevel = Never" is a workaround, although kind of
> against the point!
I installed via pacman -U from cache directory.
Thanks for your information!
--
Schoene Gruesse
Chris
More information about the pacman-dev
mailing list