On Fri, Feb 13, 2009 at 04:10:46PM +0100, Daniel Baumann wrote:
> Tzafrir Cohen wrote:
> > Is there an automated way to get the public key for the repository
> > from a repository URL? If so, those steps could be automated.
>
> for 'my' repositories, you actually can. i always put a file
> 'archive-key.asc' in the root directory of the repository that contains
> the current valid key that was used to sign the archive.
Is this an official or semi-official location?
> however, as you
> stated yourself, fetching blindly a key may defeat the purpose of having
> one in the first place (which means, it's basically the same as
> disabling signature checking with --apt-secure disable).
--
Tzafrir Cohen
icq#16849755 jabber:[email protected]
+972-50-7952406 mailto:[email protected]
http://www.xorcom.com iax:[email protected]/tzafrir
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
