From Fedora Project Wiki

Revision as of 13:42, 9 September 2008 by Jmtaylor (talk | contribs) (some updates)

Key fingerprints can be checked against

The Fedora Project recently re-signed all of its packages with a new key. The story regarding the key can be found here. Contact the release engineering team via IRC in #fedora-devel ( or via email to for more information.

The final stages of testing are being done on new builds of the fedora-release, PackageKit, gnome-packagekit and unique (new dependency for gnome-packagekit) packages. This means that updates will soon be pushed to their appropriate locations and available for download. Once these initial packages have been installed onto user computers the next update attempt will point to the new repositories utilizing the new signing key. Users need to accept the new signing key the first time updates are downloaded. PackageKit prompts you whether or not to import the signing key. To accept the key, press y at the prompt.

The new builds of the packages listed above will initially be signed with the old key. Once updated the new key will be imported and the old key will be removed from the system (a new rpmdb will be installed using the new signing key).

The plan for implementing the new key is still fluid, and therefore may change. Updates to this page will occur as new information becomes available.