m�ndagen den 27 januari 2003 22.54 skrev Todd Lyons: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Oden Eriksson wrote on Mon, Jan 27, 2003 at 02:47:29AM +0100 : > > > The following packages have bad signatures: > > > /home/Mandrake/contrib/RPMS/chkrootkit-0.38-2mdk.i586.rpm > > > I hope this is just a bad signature. Can someone enlighten me? This is > > > one package that must be trusted to be useful. > > > > I have my key at: http://d-srv.com/Cooker/ > > Still to this day I can't really figure out why Mandrake seems to lack my > > key... (?) > > Vincent will correct me if I'm wrong, but there are only three keys that > are used to officially sign packages in Main. Those three keys get > installed automatically into root's keyring when the gnupg package is > installed. If a developer happens to also package some Contrib rpm, the > sig will be good. If a community contributor packages the Contrib rpm, > then the end user who's installing it must go and manually retrieve > (just once) the packager's public key.
So I guess resigning my packages while the upload procedure is running with one of this 3 keys is out of the question then? -- Regards // Oden Eriksson, Deserve-IT.com
