Hello all, Sorry if this has been asked before but is there currently any way for a Debian user to verify the authenticity of a .deb file using PGP without having the source? When a package is built, the .changes and the .dsc file is signed which allows dinstall to verify it but is there any support in apt, dpkg, or Debian in general for a detached PGP signature on the .deb file itself provided that the user has the Debian-keyring package installed?
-- Shane Wegner: [EMAIL PROTECTED] Sysadmin, Continuum Systems: http://www.cm.nu Tel: (604) 930-0530 Personal website: http://www.cm.nu/~shane Fax: (604) 930-0529 PGP: keyid: 2048/F5C2BD91 ICQ UIN: 120000 Fingerprint: 8C 48 B9 D8 53 BB D8 EF 76 BB DB A2 1C 0D 1D 87
pgpgZhzseqsYf.pgp
Description: PGP signature
