Re: how to ask for aptitude "improvement" wrt unsigned package
-----BEGIN PGP SIGNED MESSAGE-----
Boyd Stephen Smith Jr. wrote:
> On Monday 02 March 2009 12:05:20 email@example.com wrote:
>> I am using a repository that doesn't sign its package. I know and
>> trust it.
> That's not exactly what the signatures are about. They are mainly about
> preventing MitM attacks, whether from mirror administrators or someone
> attacking your internet connection directly.
Or earthly things like failing disks or failing network connections.
It's always good to _verify_ that the software arrives as intended by
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----