[Rpm-maint] [rpm-software-management/rpm] Ensure unique tags for in signature header (#1570)
Panu Matilainen
notifications at github.com
Mon Mar 8 08:04:35 UTC 2021
Putting them in the main header would only work if the signing happened during the package build. Otherwise, putting anything in the main header breaks the immutable region hashes, which is a no-no: signing must not modify what is being signed. (IMA signatures were initially this way)
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1570#issuecomment-792558196
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210308/faa7594c/attachment.html>
More information about the Rpm-maint
mailing list