I was interested in testing Spacewalk on CentOS 5.2 .. in fact it was on my (already too long) TODO list . So i followed the instructions from the Spacewalk Wiki but it failed during the yum process : "Public key for asm-1.5.3-1jpp.ep1.1.el5.2.noarch.rpm is not installed"
Hmm, i imported both EPEL and Spacewalk rpm signing keys so i had a look on the key used to sign that package : "asm-1.5.3-1jpp.ep1.1.el5.2.noarch.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#37017186)"
Hey, that's the Red Hat security team signing key ! Why was it used to sign a package in the Spacewalk repo ? I guess that it's imported by default on RHEL5 but you have of course to import it (and first verify it of course) : see the key 37017186 on the http://www.redhat.com/security/team/key/
And now the fun begins .. ;-)