Yes, the RPMs are signed and YaST2 will verify the signature.
Oh, that's great. Are other update packages signed too? By GPG? I have to get the key, I assume it's avaiable via HTTPS?
Not yet. They (SuSE-6.3 and newer) will be, as far as rpm can do with them. I'm about to build a package which will install the key. There's just a bunch of ssh and kernel updates in the queue now.
oki,
Steffen
Thanks,
Roman.
--
- -
| Roman Drahtmüller