Anothe pkgng question: signing a repository

[Garrett Wollman]

In article <20121227162311$64db at grapevine.csail.mit.edu>,
rainer at ultra-secure.de writes:

>I'm creating my own repository and have created a key for it.
[...]
>What does pkg expect to be in this file?

A public key.  It does not use X.509 (nor is there any reason why it
should, although I suppose it could be made to at the cost of
significant added complexity and a bootstrapping problem).

-GAWollman