[CentOS-devel] repo_gpgcheck for centos repos?

Tue Sep 8 15:12:46 UTC 2020
Neal Gompa <ngompa13 at gmail.com>

On Fri, Sep 4, 2020 at 1:10 PM Brian Stinson <brian at bstinson.com> wrote:
>
> While we want signed repodata to be *available* to folks who want to enable it, We don’t want it necessarily to be the default for all users. We want it to be a decision that folks make for their own sites.
>

This is a very bizarre stance to take. Enabling repo_gpgcheck for
the CentOS provided repos in their repo files should not harm anything
else, and only further ensures the integrity of the repository
content.

Is there a compelling reason to *not* change the defaults? Because
from my perspective, I don't see any.



--
真実はいつも一つ!/ Always, there's only one truth!