[Rpm-maint] [rpm-software-management/rpm] Justus/openpgp fixes (PR #1813)

Panu Matilainen notifications at github.com
Mon Jan 24 12:09:32 UTC 2022


@pmatilai commented on this pull request.



> @@ -503,6 +500,9 @@ static int pgpPrtSubType(const uint8_t *h, size_t hlen, pgpSigType sigtype,
 	case PGPSUBTYPE_REVOKE_REASON:
 	case PGPSUBTYPE_FEATURES:
 	case PGPSUBTYPE_EMBEDDED_SIG:
+	    pgpPrtHex("", p+1, plen-1);
+	    break;
+	case PGPSUBTYPE_NOTATION:

> The RPM developers made it abundantly clear that PGP certificate canonicalization is not needed for RPM. They also explained to me how OpenPGP works, and how the IETF working group works, and that me spending hours every week working on the revision of the spec is nothing new relative to what Werner did. All of that made it a lot less exciting to work on RPM.

Apologies from my behalf if that's the impression you got. That's not at all what I think, just that we're looking at the thing from very different perspectives: the rpm implementation strives to do the bare minimum to get by, and when you look at a spec through such glasses, I guess things will look very different compared to somebody working on a full implementation.

> Also, when I started looking into RPM's implementation, I thought it would be salvageable. I'm no longer convinced.
> 
> Then, I started refactoring RPM with the idea of making the PGP implementation plugable. That turned out to be very messy and immediately break RPM's public interfaces, therefore it cannot be an incremental improvement. Not fun. Lingers in my branch waiting to be picked up again. May happen someday.
> 
> Sorry for dumping. I'm not going to fix RPM's PGP implementation.

Quite understandable. Thanks for looking into it and the patches provided!

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1813#discussion_r790681223
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/pull/1813/review/860864799 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220124/8d169f81/attachment-0001.html>


More information about the Rpm-maint mailing list