Mailinglist Archive: opensuse-buildservice (96 mails)

< Previous Next >
[opensuse-buildservice] How to verify new signing keys ?
  • From: Martin Koller <kollix@xxxxxx>
  • Date: Sat, 01 Oct 2016 22:04:27 +0200
  • Message-id: <4683042.8ceQ6EgUZV@lapi.koller>
Hi,

a general question:
When "zypper ref" tells me e.g.

New repository or package signing key received:

Repository: isv:ownCloud:desktop
Key Name: isv:ownCloud OBS Project <isv:ownCloud@xxxxxxxxxxxxxxxxxx>
Key Fingerprint: 1B07204C D71B690D 409F57D2 4ABE1AC7 557BEFF9
Key Created: So 25 Sep 2016 23:09:22 CEST
Key Expires: Di 04 Dez 2018 22:09:22 CET
Rpm Name: gpg-pubkey-557beff9-57e83d02

what is the correct and most reliable/secure way to check if I can trust this
key ?

I thought ok, let's check the OBS Webpages of this repo ...
https://build.opensuse.org/project/show/isv:ownCloud:desktop
but I found no hint about signing keys.

--
Best regards/Schöne Grüße

Martin
A: Because it breaks the logical sequence of discussion
Q: Why is top posting bad?

() ascii ribbon campaign - against html e-mail
/\ - against proprietary attachments

Geschenkideen, Accessoires, Seifen, Kulinarisches: www.lillehus.at
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation
Follow Ups