Thanks for clarifying that :). Do you happen to know where I can manage (verify, delete etc.) imported gnupg keys?
Thanks! Regards, Aniruddha On Mon, 2007-10-08 at 14:22 +0200, Marcus Meissner wrote: > On Mon, Oct 08, 2007 at 02:12:02PM +0200, Aniruddha wrote: > > Hi Joe, > > > > Thank you for your answers! > > > > May I conclude that is is safe to accept gnupg keys from repositories in > > yast2 -> Community Repositories ? > > > > What do you mean with "the packages... are signed and checked > > independently"? Does this mean the repo owner checks the packages for > > vulnerabilities and yast only checks if the contents matches with the > > signature of the repo owner? > > > > > > Which trusted sources for (source) rpm's do you recommend? > > The community packages are provided ... by our community. > > So in the end you have to decide how much you trust our judgement > to decide on good community members.;) > > The repository owner is responsible for the security fixes, SUSE Security > does that only for the official SUSE repositories. > > Ciao, Marcus > -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
