From Fedora Project Wiki

Revision as of 13:51, 9 September 2008 by Pfrields (talk | contribs)

Checking key fingerprints
Key fingerprints can be checked against

The Fedora Project recently re-signed all of its packages with a new key. Background details regarding the key change are found here. Contact the release engineering team via IRC in #fedora-devel ( or via email to for more information.

We are in the final stages of testing on new builds of the fedora-release, PackageKit, gnome-packagekit and unique (new dependency for gnome-packagekit) packages. After we complete this testing, we will push updates to their appropriate locations and make them available for download. Users who perform a system update will receive these packages.

Once these initial packages are installed, the next update attempt will point to the new repositories utilizing the new signing key. Users must accept the new signing key the first time updates are downloaded. PackageKit prompts you whether or not to import the signing key. To accept the key, press y at the prompt.

Key switching
The new builds of the packages listed above are initially signed with the old key. When they are updated, the new key is imported, the old key is removed from the system, and a new rpmdb is installed using the new signing key.