-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 17.02.2013 18:41, schrieb Stephan Kulow:
Am 17.02.2013 18:24, schrieb Jiri Slaby:
Hi Greg,
to solve $SUBJ, we need a certificate to sign a kernel with now. It can be created by: osc signkey --create openSUSE:Tumbleweed
This will change the key so that everybody has to approve the change in zypper/yast when installing. If anybody else knows a better way without changing the certificate, tell us.
You can make the signing conditional on some prjconf setting - it's really useful only for 12.3 and its update projects
To explain a bit more: if your key is not bundled in shim, the signature is rather useless as it can't be verified. So changing the key for something as useless and annoy tons of users doesn't sound like good. Greetings, Stephan -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlEhRwcACgkQwFSBhlBjoJazIACdHytu725IoQxBs4MUI3sbWeDf ZFsAnjm31XqktrDLZeCJplRkdvfi6NBs =4lr0 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org