Re: PATCH: package verification in dpkg
Jason Gunthorpe <jgg@debian.org> writes:
> On 9 Mar 2001, John Goerzen wrote:
>
> > Below is a patch that will allow dpkg to do cryptographic verification
> > of gpg signatures attached to packages at install time. It uses
>
> Could it at least have an option to turn it off? APT users using the new
> secured release files are not going to want to burn the cycles to do this.
If debsig-verify is not installed, it never runs.
Incidentally, secured release files serve a different purpose and
there are many benefits to supporting both.
-- John
Reply to: