software-o-o
software-o-o copied to clipboard
Display GPG key of repository
Can we somehow display the GPG key of repositories for users?
So they can easily verify they are getting the correct repository and not some man.-in-the-middle attacked one?
This would be in /repodata/repomd.xml.key
Should display of both the full ascii armored and also the fingerprints as shown by the YAST import dialog. @adrianschroeter
That wouldn't help against a man-in-the-middle attacked software.opensuse.org...
it is currently already https enabled.