[Rpm-maint] [rpm-software-management/rpm] multiple signatures support? (#189)

Mike McLean notifications at github.com
Fri Apr 7 19:17:56 UTC 2017


The advantage of a detached signature is that you don't have to modify something in order to certify it. The disadvantage is that you have to have both parts to validate.

Rpms are often signed with multiple keys over their lifetime. Embedded signatures force us to choose between keeping mostly redundant copies, or forever throwing away the previous signed copy. Koji dodges this by having the ability to rip out an rpm signature header and splice it back in later, effectively detaching the embedded signature.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/189#issuecomment-292628002
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20170407/f78275e8/attachment.html>


More information about the Rpm-maint mailing list