Am 03.06.21 um 09:34 schrieb Carlos E. R.:
I just set up a 15.3 test machine from scratch. Yesterday installing updates via 'zypper dup' gave me a new repo key to accept and new repos [...] o Do I need the new update repos (repo-backports-update, repo-sle-update)? [...] https://doc.opensuse.org/release-notes/x86_64/openSUSE/Leap/15.3/
1.1 openSUSE Leap now has three update repositories
Thanks. So that's a "yes, one *must* have those". ;-) Am 03.06.21 um 08:56 schrieb Till Dörges:
o How can I verify the newly introduced key?
In terms of crypto usability it doesn't seem like an ideal approach to introduce new trust anchors (i.e. new repo keys) w/o clearly documenting how to verify that it is actually legitimate.
I did not find any way to verify that gpg-pubkey-65176565-5d94a381 in deed is a key to be trusted. Mentioned that here https://bugzilla.opensuse.org/show_bug.cgi?id=1186593 Regards -- Till -- Dipl.-Inform. Till Dörges doerges@pre-sense.de PRESENSE Technologies GmbH Nagelsweg 41, D-20097 HH Geschäftsführer/Managing Directors AG Hamburg, HRB 107844 Till Dörges, Jürgen Sander USt-IdNr.: DE263765024 Besuchen Sie uns gerne auf der digitalen Plattform it-sa 365: https://www.itsa365.de/de-de/companies/p/presense-technologies-gmbh