On Thu, Feb 08, 2001 at 07:30:08PM +0000, Jim Breton wrote:
> On Thu, Feb 08, 2001 at 08:22:47PM +0100, Christian Hammers wrote:
> > > Currently it won't. :-\ You would have to get the packages yourself
> > > and check the md5sums.
> > Which were of course altered by the cracker. Bad idea.
>
> No. I'm talking about the md5sums listed in the security advisories
> sent by the Debian project. These messages are signed with their GPG
> keys; if these messages are invalid or have been compromised and the
> signatures still verify, then we have some far more serious problems.
for the debian-developer keys:
apt-get install debian-keyring
--
BOFH excuse #93:
Feature not yet implimented
PGP signature
