Am Donnerstag, 19. März 2009 00:16:21 schrieb Lars Marowsky-Bree:
On 2009-03-18T07:33:28, Adrian Schröter <adrian@suse.de> wrote:
IMHO, not really, the key should be uploaded to a public keyserver by the OBS.. unfortunately that seems not currently implemented.
By intention, because I think it would be bad to flood the key servers, no ?
Since the key is autogenerated anyway and apparently "untrusted" and unencrypted, is there any specific reason why each project has its own key, instead of just one per buildservice instance?
Because each projcet has different people with write access. You do not trust necesserally the KDE:* or even all home:* people when you have accepted the trust of the Kernel: people. But all the different keys should be signed by a global build service key. But that just tells you that it comes from our build.o.o instance. bye adrian -- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org