On Wed, May 24, 2023 at 8:54 AM Marcus Meissner <meissner@suse.de> wrote:
Currently the keys are imported during install.
i was trying a dry run / test from 15.4 via dup releasever when will 15.4 get the new keys? and also could the zypper process or other means not tell the user that the new key is signed by the older keys and trusted and what not and not ask ominous questions that a user can not possibly decide? why does the zypper not tell the user exact about the key to be imported that it is safe and signey by already existing keys or it is not safe because it is a standalone key or that the user ought to check by other means or check at a certain official second channel or web page or any such thing?
As we switched the key just now during the final phases of 15.5 development, the ones already having insalled 15.5 will need this manual work currently. Everyone else will get the key trusted already from the installer.
how will the zypper dup work coming from 15.4?