On Tue, Apr 04, 2006 at 10:47:46AM +0200, houghi wrote: > On Tue, Apr 04, 2006 at 08:58:12AM +0200, Andreas Jaeger wrote: > > "Michael DePaulo" <[EMAIL PROTECTED]> writes: > > > > > Hey all, > > > > > > First of all, it looks like the non-OSS software repository for opensuse > > > beta9 isn't setup right. > > > > > > ftp://ftp.suse.com/pub/suse/install/10.1/SUSE-Linux10.1-Beta9-Extra/ > > > > It looks more like a bug in YaST, please create a bugreprot against > > YaST with log files attached, > > Could this be related to the checking with the content.key? If yes, how is > the content.key calculated? On what is it based? > (Perhaps people killfiled the makeSUSEdvd thread, so I ask here again)
> Could we get any info on this security thing, or is is security through > obscurity? This security thing is very new thats why not much of it is documented yet. - The content.key is a GPG public key, ascii armor protected. - With this key, the content file is signed. The content file contains references to the metadata of CD, including more keys. - YUM repodata also must be signed with one of those public keys to be accepted. In the next beta/rc there will be key dialogs shown that allow accepting, importing keys and similar. Ciao, Marcus --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
