In article <[EMAIL PROTECTED]> you wrote: > I trust the archive maintainers and have a secure way to get a copy of > their public key. I don't trust individual developers and cannot have > all of their keys securely distributed to me.
Yes, you would have to sign the packages with your own key after verifying the release file. Gruss Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
