Please, don't introduce too much complexity by default. Just one example of what can go wrong: the key ID given in the explanations in the wiki is outdated. It seems, this key changes every year. So if you just code this key in by default, FAI will breaks as soon as the next year comes. In the case of etch, 2 months after release.
If you introduce this by default, please add also a means for make-fai-nfsroot to check that there is really a valid key id configured, and tell the user otherwise a very clear message about what the problem is and what he has to do to fix the problem. It's good to make it more secure, but it's bad to make it more error-prone, so it must be implemented with much care, double and triple-tested. Henning -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
