[pacman-dev] Finishing off the package signing issue -- call for contributors

Allan McRae allan at archlinux.org
Sat May 21 02:29:10 EDT 2011

On 21/05/11 16:14, Allan McRae wrote:
> All this is off-topic for this list as pacman will not care how packages
> and repos are signed. It will just verify whether the package/repo can
> be validated using the keychain it is provided.

Just to clarify, I do see how the keychain is managed by a distribution 
as an important issue to be discussed.  However, it is also the most 
political issue in this package signing business and discussing it on 
this list just ends up derailing discussion on actual pacman 
development.  This is why it needs to be kept completely separate from 
discussions about implementing signature verification work in pacman.


More information about the pacman-dev mailing list