onsdagen den 28 maj 2003 18.17 skrev Lonnie Borntreger: > On Wed, 2003-05-28 at 04:40, [EMAIL PROTECTED] wrote: > > Below procedure works for the most packages, but there are still a lot > > rpm's with key ID 604aa4e4 wich can't be exported: > > # rpm -Fvh *rpm > > warning: apache2-2.0.45-5mdk.i586.rpm: V3 DSA signature: NOKEY, key ID > > 604aa4e4 > > > > This grows up when I query through all rpm's. > > > > Is there any way to fix this also or do we have to wait for new correct > > rpm's ? > > gpg --keyserver wwwkeys.us.pgp.net --recv-keys 604aa4e4 > > Then follow the same procedures used for the other keys. > > Lonnie
Bad guys can sign their packages too and upload their keys to a key server with a fake name. No doubt someone will discover this, but it will be too late for you. -- robin
