[Rpm-maint] [rpm-software-management/rpm] Ignore most unhashed subpackets in OpenPGP signatures (Issue #1886)
Justus Winter
notifications at github.com
Mon Jan 17 15:00:59 UTC 2022
> I thought that timestamping signatures were usually of the signature being timestamped, and optionally the public key. At least that is how I believe they work on Windows and macOS.
I guess there are different ways to implement that. One prototype "wraps" the notarized signature like that: https://dev.gnupg.org/T4108#129183
> A raw ed25519 signature (using a distinct tag) would be ideal.
Let's agree to disagree :)
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1886#issuecomment-1014631927
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/1886/1014631927 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220117/8915dbb5/attachment.html>
More information about the Rpm-maint
mailing list