Bug ID 1184808
Summary AUDIT-0: Shipping keys via repos
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.3
Hardware Other
OS Other
Status NEW
Severity Major
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter jsegitz@suse.com
QA Contact qa-bugs@suse.de
CC d_werner@gmx.net, guillaume.gardet@arm.com, lubos.kocman@suse.com, mlin@suse.com, ro@suse.de
Depends on 1184326
Found By ---
Blocker --- 

+++ This bug was initially created as a clone of Bug #1184326 +++

Details are in the original bug.

copy paste from Michael: I'd be happy if we now catch the momentum and get a
solution for this quite common issue (a repo that want's to ship additional
keys). It would IMO be a good step forward especially for 3rd parties, if they
are enabled to ship their keys in way zypp recognizes them when the repo is
added.

This is an issue for Leap 15.3 because of the SLES key, but they want a more
general mechanism. As this is a very sensitive topic we should review this
first

You are receiving this mail because: