On 01/31/2013 12:39 PM, Reindl Harald wrote: > missing signatures should be a WARNING SINGAL and not > ignored like trained monkeys confirm any SSL warning > in a webbrowser That's why I didn't suggest turning off the check in this case: the package should have come from a proper, reputable repo and if the key wasn't there, it shouldn't have been available for download.