On Fri, Dec 13, 2002 at 11:05:23AM +0100, Matthias Hentges wrote: > Am Fre, 2002-12-13 um 10.25 schrieb Erno Kuusela: > > hello, > > > > On Fri, 13 Dec 2002, Matthias Hentges wrote: > > | > i mean one that you can feed a DSA mail to, and it would check the > > | > pgp signature and download the updated packages and verify the md5sums. > > | > > | Well that's what apt-get update;apt-get upgrade is good for. > > > > actually, it does not check the signature & md5sums. > > True, but if someone hacked into the security server he'll modify the > signature and md5sums,too. I would assume that the private key is not stored on security.debian.org, since that would make signatures completely pointless. -rob
Attachment:
pgp7xqHnUmLu9.pgp
Description: PGP signature