Mailinglist Archive: opensuse-bugs (19817 mails)

< Previous Next >
[Bug 392064] PackageKit (?) - weird notifications: Repo signature verification failed
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Fri, 23 May 2008 07:47:17 -0600 (MDT)
  • Message-id: <20080523134717.9C55924538D@xxxxxxxxxxxxxxxxxxxxxx>

User dmacvicar@xxxxxxxxxx added comment

Duncan Mac-Vicar <dmacvicar@xxxxxxxxxx> changed:

What |Removed |Added

--- Comment #13 from Duncan Mac-Vicar <dmacvicar@xxxxxxxxxx> 2008-05-23
07:47:16 MST ---
1. We (zypp backend) need to produce a better message when the repo has a gpg
key that has not been accepted. Instead of "Repo signature verification failed"
we need to say something like "Repository xxx is signed with an unknown key".


Those are 2 different situations, the second one means the repo is signed with
a unknown key, but the verification is ok, while the first means the file is
signed and some evil person corrupted it!

So if you get "Repo signature verification failed" is not a normal situation
and the user has to be aware of it.

If you want to change the message do it to "the repository was modified in a
evil way" or something, but don't lie to the user about the situation.

I would say close as INVALID.

Configure bugmail:
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >