[pacman-dev] Package signing in pacman

Dan McGee dpmcgee at gmail.com
Tue May 17 09:10:16 EDT 2011

On Tue, May 17, 2011 at 6:06 AM, Jelle van der Waa <jelle at vdwaa.nl> wrote:
> On 05/17/2011 11:57 AM, Dark Byte wrote:
>> Hello dear pacman developer mailing list readers.
>> Right now my favourite distribution for a lot of cases would be Arch, but
>> i
>> have concerns about security as there (right now) is no package signing
>> mechanism established in pacman. I've been asking in the #archlinux IRC
>> channel and goit pointed here. Could someone give me any further
>> information
>> about the ongoing process of implementing package signing mechanism in
>> pacman? Thanks a lot.
>> Yours sincerely,
>> - Armin
> It's a work in progress. It's not an easy task to implement the pkg signing
> infrastructure.
> You could look at the devtools and pacman git repo and the wiki
> https://wiki.archlinux.org/index.php/Package_Signing_Proposal_for_Pacman
> https://wiki.archlinux.org/index.php/Pacman_Roadmap
> Althought i don't know how up to date the pages are.

This is the more focused page of actual steps we still have to take to
get things going:


More information about the pacman-dev mailing list