On Wed, 28 Apr 2004, Lance Davis wrote: > But surely - if the key is not the correct one - ie is a trojan, then the > packages may also have been signed with the trojanned key anyway - because > they are being downloaded from the same source ..... > > The key should really not be sourced from a mirror I guess, only from the > root repo, or the key md5sum should be checked . ??? well, yes -- I did not want to publicly point out that if the mirror is compromise, we are toast anyway with the present setup. I have been thinking about trust and how to get more of it in you keying. My post was in part to talk through the issue, to see if something obvious to solve the problem would appear -- ultimately, there has to be at least one manual operation, or a publicly countersigned (as by a external CA) to get past the problem. -- Russ