Jason Gunthorpe <[EMAIL PROTECTED]> writes: > On 9 Mar 2001, John Goerzen wrote: > > > Below is a patch that will allow dpkg to do cryptographic verification > > of gpg signatures attached to packages at install time. It uses > > Could it at least have an option to turn it off? APT users using the new > secured release files are not going to want to burn the cycles to do this.
If debsig-verify is not installed, it never runs. Incidentally, secured release files serve a different purpose and there are many benefits to supporting both. -- John
