|
|
|
|
|
|
by tomn
4159 days ago
|
|
|
The signing used by pacman (on arch) seems relatively nice, in that individual packages are signed by the maintainer rather than the repository. Whether or not this buys you any extra security, I'm not sure. In reality I don't think many users check maintainer keys when asked if they want to trust them, but they could. |
|
|