-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Thursday 2008-05-15 at 15:17 -0500, Alberto Passalacqua wrote:
Why don't you simply accept (press p) the new key? :-)
Because I want to know if that is the correct procedure! If I accept as valid a changed certificate with no (independent) validation, there is no security at all. I might as well be using telnet or plain http. Perhaps the correct thing is to add a master certificate to /etc/ssl/certs and consider Novell as a valid CA. Or perhaps Novell should buy a certificate. I dunno. I dunno. So I ask. This is an enterprise level server, it is not mine, and I don't want to do anything wrong. There is a responsibility. I prefer to ask first and be told what to do. But changing a certificate from under our feet, without been told, and after much insistence, learning that I should accept for ever the certificate after comparing the fingerprint to the fingerprint posted in a wiki... a wiki, by definition, can be changed by anyone. It doesn't feel right. Maybe I'm too paranoid. Or too security conscious. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFILMDRtTMYHG2NR9URAiXVAJ9TRbRcJMME0pU0wZo1pzRObY3CNgCfVdWz F76jhtiSjKh7XMTJQHjqNxE= =KXVJ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-translation+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-translation+help@opensuse.org