Comment 3 for bug 604698

Please note that this patch is insufficient. It merely filters requests for signed packages, but it does nothing to actually download the keys and install them into apt, so that the signatures will actually be verified.