The Keystone YUM repository client configuration provided in keystonerepo.rpm makes use of enforced GPG checking (gpgcheck=1) on all software downloaded through this repository. Any RPM downloaded through the Keystone repository that fails signature validation is prevented from being installed. This functionality is used in the scheduled auto-update capability of the Keystone Collector to ensure only valid and authentic software is installed at your site.