[Rpm-maint] [rpm-software-management/rpm] Fixes to PGP packet length decoding detection and calculation (#1701)

Demi Marie Obenour notifications at github.com
Tue Jun 15 10:17:41 UTC 2021


> Um, signature encoding is really none of our business. And I'm not convinced there is such a thing as "canonical form" of rpm in the first place, I'm rather wary of the idea.

The purpose of a canonical form of a package is to ensure that if a package is signed by a trusted key, any modifications that change the canonical form will also invalidate the signature.  It is useful in contexts such as Qubes OS’s dom0, where one has only a bare RPM package and no metadata.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1701#issuecomment-861377213
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210615/b6c2721d/attachment.html>


More information about the Rpm-maint mailing list