Support, a freshly updated 15.4 RC (via zypper dup some day(s) ago) suddenly asks for a decision on this suse packages signing key in yast2 module when going into the online update configuration gui. what the heck? YaST2 - online_update_configuration @ tux01 Loading the Package Manager... x Load Sources => Refresh Sources - Rebuild Cache - Load Data ┌──────────────────────────────────────────────────────────────────────────────────────────────────┐ │┌──────────────────────────────────┐ Import Untrusted GnuPG Key │ ││The owner of the key may ┬ The following GnuPG key has been found in repository │ ││distribute updates, packages, and │ Update repository with updates from SUSE Linux Enterprise 15│ ││package repositories that your │ (http://download.opensuse.org/update/leap/15.4/sle/): │ ││system will trust and offer for │ ┌──────────────────────────────────────────────────────────┐│ ││installation and update without │ │ID: 70AF9E8139DB7C82 ─│ ││any further warning. In this way, │ │Name: SuSE Package Signing Key ││ ││importing the key into your │ │Fingerprint: FEAB 5025 39D8 46DB 2C09 61CA 70AF 9E81 39DB ││ ││keyring of trusted keys allows the┴ └──────────────────────────────────────────────────────────┘│ ││key owner to have a certain amount│ You can choose to import it into your keyring of trusted │ ││of control over the software on │ public keys, meaning that you trust the owner of the key. │ ││your system. │ You should be sure that you can trust the owner and that │ ││ │ the key really belongs to that owner before importing it. │ ││A warning dialog opens for every │ │ │└──────────────────────────────────┘ [Trust] [Cancel] │ └──────────────────────────────────────────────────────────────────────────────────────────────────┘ Downloading: 3 KiB/s (on average 3 KiB/s) - http://download.opensuse.org/update/.../repodata/repomd.xml i have not clicked or selected anything i only fired up yast2 and went into that module to check the state of online updates and if they were configured etc. what now? why? :( what IS the advices and best practices work flow actually for the END USER on these matters deciding about keys and their acceptance and trust when messing or just working with the normal default repos on the various opensuse leap systems? I just fail to understand how a normal user would need to make up decisions of trust and everything that goes into this. I am very dissatistfied with these matters :( frustrated. ty.