-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michael Andres wrote:
Hi.
Disable signed repos if the user does not trust the key?
It's IMO a valid request as the user actively prevents the repo from being used. Or shall we continue to nag the user about trusting the key on every refresh?
Why not leave it to the user to remove the repo (zypper lr/rr, or in yast gui) before doing other operations?
The question is whether this default should be implemented in libzypp, or if it is something the application should explicitly ask for:
Trust key?
[ ] Once [ ] Always (import)
[X] No [X] not now (ask again on next refresh) [ ] maybe later (disable the repository) [ ] never (delete the repository)
While it would be certainly nice to have the possibility to remove the repo right away, but i'm not sure whether such IMO little benefit would outweight the code effort (the callbacks, translations, handling etc..) + some people might find it too complex or (paradoxically) annoying.
Or shall we introduce some zconf option
RepoWithUntrustedKey = [nag|disable|delete]
If at all, i would go without additional user prompting: RepoWithUntrustedKey = noop|disable|delete with noop as the default - -- cheers, jano Ján Kupec YaST team - ---------------------------------------------------------(PGP)--- Key ID: 637EE901 Fingerprint: 93B9 C79B 2D20 51C3 800B E09B 8048 46A6 637E E901 - ----------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAkkwCugACgkQgEhGpmN+6QFv5QCeNl6mgS5I416duNHTp6hDMmC9 oQ4An202MkaezP/JM3L/tnewXKnbCNXb =SvKl -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: zypp-devel+unsubscribe@opensuse.org For additional commands, e-mail: zypp-devel+help@opensuse.org