On Wed, Jan 31, 2001 at 02:12:39PM +1100, Brian May wrote: > Suggestion: have up to two signatures per package, one from the > uploader[1] (which can be verified by the paranoid who have some chain of > trust already established), and one from dinstall. Better suggestion: support an arbitrary number of signatures per package. I believe John Goerzen's document already addresses this. -- - mdz