Hi,
a general question:
When "zypper ref" tells me e.g.
New repository or package signing key received:
Repository: isv:ownCloud:desktop
Key Name: isv:ownCloud OBS Project <isv:ownCloud@build.opensuse.org>
Key Fingerprint: 1B07204C D71B690D 409F57D2 4ABE1AC7 557BEFF9
Key Created: So 25 Sep 2016 23:09:22 CEST
Key Expires: Di 04 Dez 2018 22:09:22 CET
Rpm Name: gpg-pubkey-557beff9-57e83d02
what is the correct and most reliable/secure way to check if I can trust this key ?
I thought ok, let's check the OBS Webpages of this repo ...
https://build.opensuse.org/project/show/isv:ownCloud:desktop
but I found no hint about signing keys.
--
Best regards/Schöne Grüße
Martin
A: Because it breaks the logical sequence of discussion
Q: Why is top posting bad?
() ascii ribbon campaign - against html e-mail
/\ - against proprietary attachments
Geschenkideen, Accessoires, Seifen, Kulinarisches: www.lillehus.at
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-buildservice+owner(a)opensuse.org
