Ensuring authenticity of packages
I'm wondering how to check authenticity of packages after downloading the code
from the network. One method is downloading source packages, checking signatures
and building binary packages. Is there any other possibility ? Maybe there is a
kind of "HOW TO efficient organize secure package-archive-site" ?
Ryszard Łach, Internet Designers s.c., Przedmiejska 6-10, 54-201 Wrocław
'echo "" |mail -s "send key pub" firstname.lastname@example.org' for my public GPG key