On 11/08/2010 11:38 AM, Henne Vogelsang wrote:
------------------------------------------------------------------------ This package comes from an untrusted source and might harm your system!
[Install] [Cancel]
[ ] Details [ ] Never ask me again ------------------------------------------------------------------------
Install == Ignore signature Cancel = Cancel Detail == Show details about the signature Never ask me again == Trust Signature
This is a simple dialog every computer user can grasp and gets presented with, in various forms, everyday already.
It can be of course improved. There are two problems here: - Asking too much. We talked about this during the conference and decided to implement transitive trusting (not asking if the key is signed by a already trusted key) - Wording. ZYpp supports a very complicated workflow. It can trust a key for one use, or remember the trust. The way you present it above is a wording of that workflow for a normal human being. YaST has a completely different dialog last time I checked. First it talks about "Import rpm key". 3/3 words non geeks do not understand. Then the dialog was simplified in a broken way, because it used to ask twice "trust?" "now or forever?", but instead of fixing the real problem the "trust now" option was removed and now you can only "import", which is a verb that has nothing to do with trust. The only mistake in your dialog is that we do trust on refresh of repositories. Not on package installation ;-) -- Duncan Mac-Vicar P. - Novell® Making IT Work As One™ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org