On Thu, 2016-11-17 at 11:38 +0100, Kalev Lember wrote:
Is it possible to use cryptography here to make this a bit more safe and easier to use?
We can preinstall selected GPG public keys. I think the solution is to simply forbid installation of flatpaks if the runtime is not on some preinstalled list of known runtimes/keys. I do not want to design yet another "click through this security warning" system.