[Rpm-maint] [rpm-software-management/rpm] Fingerprint subpacket parsing support (#1728)

Justus Winter notifications at github.com
Wed Mar 2 11:04:08 UTC 2022


> @teythoon under what circumstances would a signature have an 8-byte key ID subpacket and a v4 fingerprint subpacket that do not match? My understanding is that v5 key IDs are 96 bits and are in any case not used in any packets or subpackets, and RPM does not support v3 keys.

We are reverting v5 key ids back to 8 octets.

> So this seems to imply that the signer is buggy.

Issuer information in signatures are hints authenticated by the key resulting from that lookup actually verifying the signature.  The RFC is very explicit in that regard.  I don't know what else to add.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1728#issuecomment-1056796844
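The reply's point that issuer subpackets are lookup hints rather than authenticated data, as an added example (not code from rpm or from anyone in this thread). It assumes a v4 signature subpacket area with subpacket type 16 (8-octet issuer key ID) and type 33 (issuer fingerprint); the names `issuer_hints`, `collect_issuer_hints` and `is_candidate` are hypothetical. A key matching either hint is only a candidate: the signature verification that must follow is what authenticates the result, and it is outside this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Issuer hints gathered from one subpacket area. Nothing here is authenticated. */
struct issuer_hints {
    int has_keyid, has_fpr;
    uint8_t keyid[8];   /* subpacket type 16: issuer key ID */
    uint8_t fpr[20];    /* subpacket type 33: issuer fingerprint, v4 keys only */
};

/* Walk a subpacket area and collect hints. Returns 0, or -1 if malformed. */
int collect_issuer_hints(const uint8_t *p, size_t len, struct issuer_hints *h)
{
    memset(h, 0, sizeof(*h));
    while (len > 0) {
        size_t plen = p[0], hdr = 1;         /* one-octet length: 0..191 */
        if (p[0] == 255) {                   /* five-octet length */
            if (len < 5) return -1;
            plen = ((size_t)p[1] << 24) | ((size_t)p[2] << 16) | ((size_t)p[3] << 8) | p[4];
            hdr = 5;
        } else if (p[0] >= 192) {            /* two-octet length */
            if (len < 2) return -1;
            plen = ((size_t)(p[0] - 192) << 8) + p[1] + 192;
            hdr = 2;
        }
        /* plen counts the type octet, so it is at least 1 and must fit. */
        if (plen == 0 || plen > len - hdr) return -1;
        const uint8_t *body = p + hdr + 1;
        switch (p[hdr] & 0x7f) {             /* bit 7 is the critical flag */
        case 16:
            if (plen != 9) return -1;
            memcpy(h->keyid, body, 8); h->has_keyid = 1;
            break;
        case 33:                             /* body[0] is the key version */
            if (plen == 22 && body[0] == 4) { memcpy(h->fpr, body + 1, 20); h->has_fpr = 1; }
            break;                           /* other versions: no usable hint */
        }
        p += hdr + plen; len -= hdr + plen;
    }
    return 0;
}

/* Should the key with this v4 fingerprint be tried? Matching either hint is
 * enough; a mismatch between the two hints is not treated as an error. */
int is_candidate(const struct issuer_hints *h, const uint8_t key_fpr[20])
{
    if (h->has_fpr && memcmp(h->fpr, key_fpr, 20) == 0) return 1;
    /* A v4 key ID is the low-order 64 bits of the fingerprint. */
    return h->has_keyid && memcmp(h->keyid, key_fpr + 12, 8) == 0;
}
```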