Trusting repositories (was: Re: Announcing rpmfusion)

[Sertaç Ö. Yıldız]

[12.Eyl.07 15:43 -0400] seth vidal:
>On Wed, 2007-09-12 at 21:42 +0200, Nicolas Mailhot wrote:
>> I hope yum has a check somewhere to forbid installation of unknown
>> default-on repositories.
>
> how on earth would yum know? Do you want yum to have special behavior 
> if it detects a .repo file?

Not for .repo files, but it would be nice to check for GPG keys it 
installs.

> If you cannot trust the repo then don't use it.

Building a chain of trust that way looks wrong.

-- 
~sertaç