RH and Mandriva both use rpm signatures to verify the rpm's have not been touched after they are created. They are signed by the packager. When my system auto-updates you I manually update the VM/Webmin packages my install fails.
----------------------
warning: /var/cache/urpmi/rpms/wbm-virtual-server-3.39-1.noarch.rpm: Header V3 DSA signature: NOKEY, key ID a0bdbcf9
The following packages have bad signatures:
/var/cache/urpmi/rpms/wbm-virtual-server-3.39-1.noarch.rpm: Invalid signature (NOT OK (no key): /var/cache/urpmi/rpms/wbm-virtual-server-3.39-1.noarch.rpm: Header V3 DSA signature: NOKEY, key ID a0bdbcf9)
/var/cache/urpmi/rpms/wbt-virtual-server-theme-4.0-1.noarch.rpm: Invalid signature (NOT OK (no key): /var/cache/urpmi/rpms/wbm-virtual-server-3.39-1.noarch.rpm: Header V3 DSA signature: NOKEY, key ID a0bdbcf9)
Do you want to continue installation ? (y/N) y
-----------------------
You should start signing your rpm's per the outlined requirements for the red hat package manager(RPM) to prevent update failures whether they are manual or automatic.