Ken in Debian and its derivatives keys are a security feature that indicates the signer of the key is the person or organisation who packages what you are downloading. If you install packages without a key it could be suggested you don't know who packaged it or if it has been modified from the original package.

Lisi is correct in her statement "safety is as safety does" in that if you are happy to download packages you believe are packaged by Slavek or Tim or anyone else involved with Trinity without a signed key to check it against then you take it upon yourself to ensure the package is what it is supposed to be. If you want the extra layer of security then it is always wise to have the key and let apt do its job confirming the package against the key for the person or organisation that packaged it.

On 12 May 2015 at 12:52, Ken Heard <kenslists@teksavvy.com> wrote:

On 2015-05-11 17:17, Lisi Reisz wrote:

<snip>

It is safe to download files from http://mirror.xcer.cx/trinity-sb
without authentication?

Safety is as as safety does. I have done it! But would not recommend it to
anyone else.

Lisi I am confused. Are you recommending against downloading packages without authentication or using a preliminary stable build of TDE R14.0.1 -- or both?

The problem is ongoing, it turns out, and the problem lies with the server.
Alternative servers suggested by Slávek earlier in this thread:

keys.gnupg.net

With this key server I was able to download the key I needed. Thank you Lisi and Slávek.

Regards, Ken

---------------------------------------------------------------------
To unsubscribe, e-mail: trinity-users-unsubscribe@lists.pearsoncomputing.net
For additional commands, e-mail: trinity-users-help@lists.pearsoncomputing.net
Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/
Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting