Any objections to the proposed design for this feature? - deb [key=0x1AB52325534,0x3475BDF478] ... Only accept signatures by one of the listed fingerprints
- deb [keyring=foobar.gpg] ... Use foobar.gpg to verify the signatures and only foobar.gpg. deb [trust=always|never] .... Ignore the Release signature and just always or never trust the source. "always" would be for file:// or sources on the local network where you don't care if it is unsigned. "never" would be for repositories you want to always be asked before they are used and which should not replace packages from more trusted repositories. MfG Goswin -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org