I added a script to the spacewalk-remote-utils package that makes importing package providers very easy. So now instead of seeing 'Unknown' for all of your third party packages, you can see who signed them just like with Red Hat's RPMs. Example: spacewalk-add-providers -u <user> -p <pass> /var/www/html/pub/RPM-GPG-KEY-* /aron