On 05/17/2011 11:57 AM, Dark Byte wrote:
Hello dear pacman developer mailing list readers.
Right now my favourite distribution for a lot of cases would be Arch, but i
have concerns about security as there (right now) is no package signing
mechanism established in pacman. I've been asking in the #archlinux IRC
channel and goit pointed here. Could someone give me any further information
about the ongoing process of implementing package signing mechanism in
pacman? Thanks a lot.
Yours sincerely,
- Armin
It's a work in progress. It's not an easy task to implement the pkg
signing infrastructure.
You could look at the devtools and pacman git repo and the wiki
https://wiki.archlinux.org/index.php/Package_Signing_Proposal_for_Pacman
https://wiki.archlinux.org/index.php/Pacman_Roadmap
Althought i don't know how up to date the pages are.
--
Jelle van der Waa
