Good point. How do you deal with encrypted packages if a third party is installing the package? Are you force to give the password away to the third party to be able to make the required configuration changes?