[Rpm-maint] [rpm-software-management/rpm] Support uncompressed/reconstructed payloads (#861)

Panu Matilainen notifications at github.com
Wed Sep 25 08:42:05 UTC 2019


> deltarpm would also need to be changed to strip away all header+payload digests/signatures from the signature header.

On that note... the grand plan is to drop header+payload digests/signatures from rpm, except as a legacy compatibility option. Adding a strong (and signed if package is signed) digest for the payload alone was a pre-requisite for that, and it's also the reason the verify code is written the way it is: for packages built on rpm >= 4.14 you can already disable header+payload digests/signatures without sacrificing security at all. And in this setting, whether the payload is compressed or not is ultimately totally uninteresting.
