How to sign a remote repository, i.e. forward agent

Denis A. Altoé Falqueto denisfalqueto at
Wed Jun 30 19:39:57 CEST 2010

On Wed, Jun 30, 2010 at 2:33 PM, Carsten Aulbert
<carsten.aulbert at> wrote:
> Hi Daniel
> On Wednesday 30 June 2010 19:06:58 Daniel Kahn Gillmor wrote:
>> Does this workflow work for you?  if not, why not?
> I've thought about that, but these repos are a shared effort where the secret
> key is also shared by four trusted people - thus there is a source for race
> conditions - albeit the repos are not really that heavily used.

Carsten, I'm helping the developers of Arch Linux to implement a
similar feature in pacman and we concluded that using the Web of Trust
is essential to a sane environment. Please look this wiki for
reference, since the proposal is detailed:

R: Porque prejudica a legibilidade do texto.
P: Porque é ruim colocar a resposta de um e-mail antes do texto citado?

Denis A. Altoe Falqueto

More information about the Gnupg-users mailing list