FC4: up2date has unsigned packages???
 

I have imported keys useing "gpg --import RPM-GPG-..." from the /usr/share/doc/fedora-release-4/ directory and when i run up2date the packages are unsigned. I don't want to instal unsigned packages.
Also, the "redhat network alert notification tool" doesn't report there are updates!

anyone got any ideas?
should i just install them?
anyway to fix it?

I just setup yum as usual and set gpgcheck=1 to 0 in the yum.conf.

But yeh they are unsigned, and yes you need to update them or you leave your system wide open to security vulnerabilities. Unsigned or signed, they are still updates.

arn't they supose to be signed??? or has the setting in yum been changed in
fc4?
damn up2date keeps wanting to register with the redhat network.

Get rid of up2date and just use yum for the minute. It needs some messing about, and file editing, but you can script it so that yum runs once a day and does your updates for you automatically.

The packages should be signed yes, but theres obviously some problem at dev level, stopping them from signing the packages (either that or theyre a bunch of lazy sods).

Up2date keeps getting broken, so use yum as suggested above. The updates are supposed to be signed with a gpg key, so go to a Fedora mirror and download all the gpg keys and install them.