fai repository untrusted

[Per Foreby]

Why isn't the fai repository gpg signed?

It would be nice to be able to use the latest and greatest fai version 
without having to decrease security.

But if I don't add apt settings (like /etc/apt/apt.conf.d/10fai in the 
nfsroot), all package upgrades will fail when running a softupdate.

So at present, I have three choises:

1. allow untrusted packages
2. use the older version from the debian repository
3. download the package and add it to my own signed repository

/Per