[pacman-dev] Package signing in pacman
Dan McGee
dpmcgee at gmail.com
Tue May 17 09:10:16 EDT 2011
On Tue, May 17, 2011 at 6:06 AM, Jelle van der Waa <jelle at vdwaa.nl> wrote:
> On 05/17/2011 11:57 AM, Dark Byte wrote:
>>
>> Hello dear pacman developer mailing list readers.
>>
>> Right now my favourite distribution for a lot of cases would be Arch, but
>> i
>> have concerns about security as there (right now) is no package signing
>> mechanism established in pacman. I've been asking in the #archlinux IRC
>> channel and goit pointed here. Could someone give me any further
>> information
>> about the ongoing process of implementing package signing mechanism in
>> pacman? Thanks a lot.
>>
>> Yours sincerely,
>>
>> - Armin
>>
> It's a work in progress. It's not an easy task to implement the pkg signing
> infrastructure.
> You could look at the devtools and pacman git repo and the wiki
> https://wiki.archlinux.org/index.php/Package_Signing_Proposal_for_Pacman
> https://wiki.archlinux.org/index.php/Pacman_Roadmap
>
> Althought i don't know how up to date the pages are.
This is the more focused page of actual steps we still have to take to
get things going:
https://wiki.archlinux.org/index.php/User:Allan/Package_Signing
-Dan
More information about the pacman-dev
mailing list