Hi, On 08/Jan - 11:11, Cyril Brulebois wrote: > I would expect the Debian packages to contain some kind of trust chain > to bootstrap the keyring handling, and weboob to abort instead of > “blindly accepting” in other cases.
You're right we should have the official keyring distributed in the Debian package, but in case the user adds a new repository, we shouldn't reject it but ask him to accept (like ssh)? I'm going to send a patch on the package this week. Romain
signature.asc
Description: Digital signature
