On Tue, May 17, 2011 at 6:06 AM, Jelle van der Waa <[email protected]> wrote: > On 05/17/2011 11:57 AM, Dark Byte wrote: >> >> Hello dear pacman developer mailing list readers. >> >> Right now my favourite distribution for a lot of cases would be Arch, but >> i >> have concerns about security as there (right now) is no package signing >> mechanism established in pacman. I've been asking in the #archlinux IRC >> channel and goit pointed here. Could someone give me any further >> information >> about the ongoing process of implementing package signing mechanism in >> pacman? Thanks a lot. >> >> Yours sincerely, >> >> - Armin >> > It's a work in progress. It's not an easy task to implement the pkg signing > infrastructure. > You could look at the devtools and pacman git repo and the wiki > https://wiki.archlinux.org/index.php/Package_Signing_Proposal_for_Pacman > https://wiki.archlinux.org/index.php/Pacman_Roadmap > > Althought i don't know how up to date the pages are.
This is the more focused page of actual steps we still have to take to get things going: https://wiki.archlinux.org/index.php/User:Allan/Package_Signing -Dan
