I’ve installed openSUSE 11.1 and added packman’s repository and running normally for the past days.
Recently received a Repository Signature Required popup.
http://img17.imageshack.us/img17/6084/11372363.png
Is this normal?
What should the proper way to handle this ?
To answer the question from the title: YES. Signing the packages guarantees the integrity of the packages and security of the repos and packages.
What has happened is probably a change in the gpg-key from Packman. Both your system and Packman should have the same key (a pair). There’s a Help section on their website, that explains how to download the gpg-keys so you can check them.
In this specific case I checked. If you want to use the Packman packages, accept and import the key by answering Yes.