Mailinglist Archive: opensuse-buildservice (175 mails)

< Previous Next >
Re: [opensuse-buildservice] expired GPG keys ?
On Monday, 24. October 2011 10:13:28 Marcus Meissner wrote:
On Mon, Oct 24, 2011 at 10:12:05AM +0200, Martin Koller wrote:
Hi,

I'd like to learn how the keyhandling in OBS is done, because when trying
to install some
software today, which refreshes the repos in yast, it complains about more
or less every
repo having an expired key (yast wants to import all the keys again).
Now I check my own repo
http://download.opensuse.org/repositories/home:/martinkoller/openSUSE_11.3/repodata/
and find repomd.xml.key which contains a key which has expired more than a
year ago:
expired: 2010-04-01

How can this be ?

They are valid only for 2 years.

osc signkey --extend home:martinkoller

to extend their use.

What I'd like to learn about is:

- I never created a key myself, so I assume OBS did that for me. Still, do I
need to extend
the expiration date on my own ?
- I do not use the commandline tool ocs, but manage my projects via the web
interface
Can I extend the key there, too ?
- Why is it just today that yast finds the expired key ? Does a refresh of a
repo
not check the key ?
- How can a normal user verify a key when yast asks to import it ?

--
Best regards/Schöne Grüße

Martin
A: Because it breaks the logical sequence of discussion
Q: Why is top posting bad?

() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments

Geschenkideen, Accessoires, Seifen, Kulinarisches: www.bibibest.at
< Previous Next >