Is there a recommended way to obtain the Terra repo signing public key securely?
For example, is there a "terra" package that can be installed from RPMfusion, or a package like distribution-gpg-keys (on Fedora) that creates a secure chain of signatures?
The download page recommends some command with --nogpgcheck, which is fairly weak. (I assume it relies on trusting both the SSL CA ecosystem and your web servers.)
Is there a recommended way to obtain the Terra repo signing public key securely?
For example, is there a "terra" package that can be installed from RPMfusion, or a package like distribution-gpg-keys (on Fedora) that creates a secure chain of signatures?
The download page recommends some command with --nogpgcheck, which is fairly weak. (I assume it relies on trusting both the SSL CA ecosystem and your web servers.)