Am 14.02.2014 12:43, schrieb Don deJuan: >>> wouldn't is make more sense to have a systemd timer/cron job to frequently >>> refresh pacman keyring? > > pacman-key --refresh-keys ??
If you are paranoid enough that a former Arch developer or TU will be able to inject a broken package into a mirror, then it certainly helps you to run 'pacman-key --refresh-keys' regularly. You can also do so on the live CD. This will not automatically add new keys, but certainly remove trust from revoked keys.
signature.asc
Description: OpenPGP digital signature
