On Fri, Aug 8, 2008 at 11:49 AM, Adam Jimerson
YaST2 and openSUSE-updater are complaining that the signing key used on the ATI repo does not match the key that I accepted when I added the repo. The exact error that YaST2 is giving me is:
Validation Check Failed
File repomd.xml is signed with the following GnuPG key, but the integrity check failed:
ID A794DEA1FC2D149 Fingerprint: 7D6F 1AF2 6CD1 D227 CD54 4AAE A794 D9EA 1FC2 D149 Name: ATI Linux Software (ATI-REPO.ZIP)
Created: 06/12/2008 Expires: 06/12/2009 This means that the file has been changed by accident or by an attacker since the repository creator signed it. Using it is a big risk for the integrity and security of your system.
Use it anyway? Yes/No buttons
I'm going to hit No, but did the ATI repo get a new key? I am sending this to the email address the signed key as hoping that someone on ATI's side will have an answer also. -- "We must plan for freedom, and not only for security, if for no other reason than only freedom can make security more secure." Karl Popper
Good question. A search on the address atilinuxsoftware@ati.com reports two keys generated in June of 2006 and June 2007, so maybe they have a practice of changing keys yearly. Never the less, the key you posted does not verify for me either regardless of which of the several key servers I used. -- ----------JSA--------- There are 10 kinds of people in this world, those that can read binary and those that can't. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org