Does anaconda verifies gpg signatures to ensure the integrity of the packages?
Are the keys already imported or how does anaconda do this job?
Any suggestions to improve the integrity while kickstarting a system?
Do you use repo_gpgcheck?
-- Thanks, LF