[opensuse] zypper: really no check for expiration of gpg keys?
- From: Joachim Schrod <jschrod@xxxxxxx>
- Date: Tue, 13 Apr 2010 00:16:29 +0200
Hi,
Meta data in OBS repo-md repositories (i.e., repomd. is usually
signed with gpg. It seems that zypper does not check expiration of
used gpg keys. (zypper 1.0.13 on openSUSE 11.1, in case that matters.)
As an example:
http://download.opensuse.org/repositories/Apache:/MirrorBrain/Apache_openSUSE_11.1/
has a key that expired at April 1, 2010; i.e., 12 days ago. (The
key has ID 0xBD6D129A and fingerprint EDDD C98D 96A0 F889 9AB0 7C78
9584 A164 BD6D 129A.)
I would have expected a warning or an error when this repository is
refreshed, but nothing as such happens.
Is this known behaviour? An error in my configuration? A bug? A
change request.
Any comments would be welcome,
Joachim
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: jschrod@xxxxxxx
Roedermark, Germany
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
- Follow-Ups:
- Re: [opensuse] zypper: really no check for expiration of gpg keys?
- From: Michael Schroeder
- Re: [opensuse] zypper: really no check for expiration of gpg keys?
- From: Michael Andres
- Re: [opensuse] zypper: really no check for expiration of gpg keys?
- Prev by Date: Re: [opensuse] openSUSE 11.2 download does not install
- Next by Date: [opensuse] Search list in DNS resolution
- Previous by thread: [opensuse] KDE 4.4.x updates
- Next by thread: Re: [opensuse] zypper: really no check for expiration of gpg keys?
- Index(es):
Relevant Pages
|
