Package warning - Rawhide

Josh Boyer jwboyer at gmail.com
Sun Oct 12 12:10:15 UTC 2008


On Sun, Oct 12, 2008 at 02:57:30PM +0530, Rahul Sundaram wrote:
> Ralf Corsepius wrote:
>> On Sun, 2008-10-12 at 14:27 +0530, Rahul Sundaram wrote:
>>> Hi,
>>>
>>> The PackageKit warning for every single unsigned package - which 
>>> happens to be everything in rawhide is just plain annoying. Can't we 
>>> do something nice about that?
>> The rationale for exposing users to the risks of using unsigned packages
>> has always escaped me, even less in the light of "The incident".
>>
>> I.e. IMO, the "only correct  approach" would be to only have signed
>> packages in rawhide.
>
> I rarely find common ground with you but in this instance, I completely  
> agree. Is time delay the reason behind not signing packages? There is a  

It's time delay, and the fact that we have a very limited number of
people that know the signing key.  As someone already pointed out,
we need the signing server for this to be a valid option.

josh




More information about the fedora-devel-list mailing list