The package manager (apt, zypper or yum or dnf) uses the signature to verify, that the metadata you're downloading (i.e. the Packages.gz on Debian) is not modified and is from a trusted source.
Only if the verification succeeds, the package manager will allow to install packages from that "source". Robert sent from my mobile device -------- Originale Nachricht -------- Von: Guy Matz <guym...@gmail.com> Gesendet: Fri Sep 13 18:57:59 GMT+02:00 2019 An: spacewalk-list@redhat.com Betreff: [Spacewalk-list] "Security: GPG" section of Channel? What's it for? Hi! Does anyone know what the "Security : GPG" section of the channel is for? I.e., what component uses that information and how? Thanks! ------------------------------------------------------------------------ _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list
