[Rpm-maint] [rpm-software-management/rpm] Installation / verification should not pass if the (sub)key(s) has been revoked or expired (#1598)

Dmitry Antipov notifications at github.com
Mon Mar 29 14:03:58 UTC 2021


> (that stuff really needs proper docs, sigh...)

Is it intended to describe mechanism or policy? It seems that these two are mixed through the whole code base in an obfuscating and weird way. For example, what's expected to happen if someone try --nosignature install of a package build with `%_pkgverify_level all`?


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1598#issuecomment-809403100
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210329/acc62470/attachment.html>


More information about the Rpm-maint mailing list