In article <[EMAIL PROTECTED]> you wrote: > If you are talking about automating the verification process, that > wouldn't quite work. The system that downloads the packages might have > been compromised. The files that I would sign on that system might > have been already modified at the time when I sign them.
Yes you are right, does not work in your scenario. But you can use the unsecure system as a proxy and use apt-get/secure on the trusted machine. Gruss Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]