On Wednesday 23 February 2011 14:24:23 The Suspect wrote: > >From where comes the trust for your archive? > > Let me explain something that I am sure you are fully aware, just to point > it out. > > Your site says to download the following keyring file in order to trust > your packages: > > http://www.debian-multimedia.org/pool/main/d/debian-multimedia-keyring/debi > an-multimedia-keyring_2010.12.26_all.deb That's for D-M, not Debian. D-M is an unofficial side project. Even if the people on this list had some control over Debian infrastructure they couldn't do much about D-M. Most of the people on this list are simply users of Debian, so they don't have direct control over any Debian infrastructure. Finally, The keys in debian-multimedia-keyring are also in debian-maintainers- keyring from the master Debian repository. Debian CDs already contain the necessary information to verify packages from the master Debian repository, and there are a number of other ways. Presumably, if you are running Debian, you should have these keys. -- Boyd Stephen Smith Jr. ,= ,-_-. =. bss@iguanasuicide.net ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.net/ \_/
Attachment:
signature.asc
Description: This is a digitally signed message part.