Fedora distributes new keys
Posted Sep 11, 2008 16:15 UTC (Thu) by jake (editor, #205)
It definitely does ask if you want to import the new key. If you want to be sure the key it is asking you to import is the actual key that Fedora issued, you have to verify that for yourself. Thus the manual step.
Posted Sep 11, 2008 16:25 UTC (Thu) by skvidal (guest, #3094)
This isn't a new feature, it's been that way in yum for a looooong time now.
Posted Sep 11, 2008 16:34 UTC (Thu) by jake (editor, #205)
Fine, but that still doesn't verify that the key it is trying to import is the key you are wanting to import. In order to verify that (i.e. check the key signature), the manual step is required.
Since package signing keys were part of whatever the "infrastructure issues" were, it would seem prudent to verify them before importing them.
Posted Sep 11, 2008 16:39 UTC (Thu) by skvidal (guest, #3094)
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds