[Rpm-maint] [rpm-software-management/rpm] Distinguish whether a signature failure is due to legacy crypto or a bad signature (Issue #2402)

Neal H. Walfield notifications at github.com
Wed Mar 1 13:43:06 UTC 2023


I added https://github.com/rpm-software-management/rpm-sequoia/commit/9fd8f7de9e1cf98ff11ec246189488696ca714ea , which returns `NOTTRUSTED` when a signature verifies using legacy crypto, but not using the configured policy.  I'm not going to make a release until rpm adopts this.  Let me know if and how I can help.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2402#issuecomment-1450173219
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/2402/1450173219 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20230301/dfa7178a/attachment.html>


More information about the Rpm-maint mailing list