I wanted to call attention to this bug I just opened and ask a wider audience for input: https://bugzilla.redhat.com/show_bug.cgi?id=748320 Basically, this boils down to: 1. Do we normally automatically import GPG keys for Fedora-provided package updates when the system is installed/upgraded? If not, should we? If so, is this expected to sometimes "break" during various phases of the software release cycle, requiring a user to manually confirm the key import? 2. Regardless of the above, should automatic-in-the-background Software Updates be prompting for a password, unsolicited, when the user isn't expecting it? Generally, are there any Release Criteria around general security-related behavior of the distro as a whole? Should there be? -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
