Peter Jordan wrote: > > but the repositories does not need to be official debian services, only > the keyrings should be available over the official debian repository. That may make some sense, but you do understand that by making them available they wouldn't be any more official and any more trusted, right? If we provide them as packages, it may be misunderstood for our users as a recommendation, at best, which IMHO isn't worth the hassle. Better to keep the key-adding just as manual as the sources.list editing. This, of course, from the perspective that there is no official trust relationship. If there is one that I'm unaware of, then by all means, file an RFP! Cheers -- Leo "costela" Antunes [insert a witty retort here]
Attachment:
signature.asc
Description: OpenPGP digital signature