Comment # 5 on bug 954274 from 
(In reply to Marcus Meissner from comment #4)
> Michael, this http://linuxdownload.adobe.com/linux/x86_64/
  You don't have permission to access /linux/x86_64/ on this server.

We currently just offer to import the key that is used to sign the metadata.

No matter if the repo matadata are signed or not, we'd need a way to offer
additional keys used to sign packages in the repo. Where shall those keys come
from?


The susetags content-file has a KEY section, and we at least download the
gpg-pubkeys listed there. Rpmmds repomd.xml by now has nothing like this; we'd
need a similar section for additional keys to download. If we have a way to
make those keys available on a system, we could make zypper ask whether to
import those additional keys as well.

You are receiving this mail because: