Bug#318630: Design TRUSTED support
Any objections to the proposed design for this feature?
- deb [key=0x1AB52325534,0x3475BDF478] ...
Only accept signatures by one of the listed fingerprints
- deb [keyring=foobar.gpg] ...
Use foobar.gpg to verify the signatures and only foobar.gpg.
deb [trust=always|never] ....
Ignore the Release signature and just always or never trust the
source. "always" would be for file:// or sources on the local
network where you don't care if it is unsigned. "never" would be for
repositories you want to always be asked before they are used and
which should not replace packages from more trusted repositories.
MfG
Goswin
Reply to: