On Monday 29 October 2007 15:21, Wolfgang Woehl wrote:

...

...

...

Wolfgang

I wanted to take this name in high-school German class, but someone beat me to it. I ended up with Gerhard.

How unfortunate.

Now, now. My parents tell me they wanted to name me "Hans," (which, for some reason, they pronounce "hunce"—America has a way of corrupting our ancestors' languages...), but, thank god, there was already a Hans Schulz (probably Hans Schultz) in my little home town. ... Whew! I really dodged a bullet there! Randall Schulz --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org

Randall R Schulz wrote:

On Monday 29 October 2007 15:21, Wolfgang Woehl wrote:

...

...

...

...

Wolfgang

I wanted to take this name in high-school German class, but someone beat me to it. I ended up with Gerhard.

How unfortunate.

Now, now.

My parents tell me they wanted to name me "Hans," (which, for some reason, they pronounce "hunce"—America has a way of corrupting our ancestors' languages...), but, thank god, there was already a Hans Schulz (probably Hans Schultz) in my little home town. ... Whew! I really dodged a bullet there!

Randall Schulz --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org

Frank Zappa was interviewed and he was asked: Aren't you afraid your children will get in trouble because of their names, Moon Unit and Dweezil? FZ answered: I don't think their first names will get them in trouble. But yes, they will probably get in trouble because of their last name. -- Vahis --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org

Dienstag, 30. Oktober 2007 Marcus Meissner:

A good trust management for keys was requested for several releases now, but has not happened so far.

Where can you even review which keys yast/zypper uses? Sure, a "good" trust management would be fine. But I fail to see *any* trust management to begin with. Wolfgang --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org

Donnerstag, 1. November 2007 Michal Marek:

Wolfgang Woehl wrote:

...

Dienstag, 30. Oktober 2007 Marcus Meissner:

...

A good trust management for keys was requested for several releases now, but has not happened so far.

Where can you even review which keys yast/zypper uses?

rpm -qi gpg-pubkey | less (these are keys imported into the rpm db, but they'll usually match those used to sign the repos).

find /var/lib/zypp/ -name '*.key' | xargs -L 1 gpg are the keys used by zypp.

Hi Michal, So, please correct me if I'm wrong, in order to link, say, the packman key I have in rpmdb to some factual trust information like packman's website I have to 1. rpm -qi gpg-pubkey > rpmdb-signing_keys.txt (I don't see how you can fingerprint these with rpm so you need to ...) 2. gpg --import rpmdb-signing_keys.txt 3. gpg --fingerprint in the console? There is no way in yast to do this. Which leaves the majority of people with the non-choice of accepting a key they cannot check in order to install a package. Why do I have the feeling that I must be missing something here? That this just cannot be? Wolfgang --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org

On Thursday 01 November 2007 11:38:22 am Michal Marek wrote:

rpm -qi gpg-pubkey | less (these are keys imported into the rpm db, but they'll usually match those used to sign the repos).

those are the trusted keys that are always seen as trusted

find /var/lib/zypp/ -name '*.key' | xargs -L 1 gpg are the keys used by zypp.

those are the known keys, can be untrusted --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org