New package distribution-gpg-keys
alex.ploumistos at gmail.com
Fri Oct 16 08:13:24 UTC 2015
On Fri, Oct 16, 2015 at 10:26 AM, Miroslav Suchý <msuchy at redhat.com> wrote:
> Right now at least two projects (mock and fedora-upgrade) contains and use those keys.
> So once this get into Fedora (and Epel) I can remove those keys from fedora-upgrade and mock and use this common package.
> Mock need CentOS and Epel keys when installing epel chroot and vice versa when installing fedora chroots on RHEL/CentOS.
> It can not use epel-release because it is not available on Fedora.
Thanks, it all makes sense now.
> The other keys (rpmfusion and in future Copr) are there just because we can. It is meant as safe way of delivery.
> Instead of manual downloading from web and verification that the download is correct (do you really do that?)
When it comes to keys on my systems, yes, I tend to get _that_ paranoid.
Btw, what about upstream links to the keys in the spec file?
More information about the devel