I think the most simple solution to this is just to have a simple key for all PPAs. This would ensure that the package comes from the PPA as intended. Users should be aware that packages from PPAs are not 100% safe. If an uploader system is compromised, for example, and the personal keys and passwords are present in the system; the PPA would be compromised.
I think the most simple solution to this is just to have a simple key for all PPAs. This would ensure that the package comes from the PPA as intended. Users should be aware that packages from PPAs are not 100% safe. If an uploader system is compromised, for example, and the personal keys and passwords are present in the system; the PPA would be compromised.