[Rpm-maint] [rpm-software-management/rpm] rpm --import does not replace old keys with new keys (Issue #2577)
Neal H. Walfield
notifications at github.com
Thu Sep 14 08:10:10 UTC 2023
Ok, thanks for the clarification.
>From my perspective, there is no way to generate a version number for an OpenPGP certificate. This is because an OpenPGP certificate is composed of packets, and packets can be left out without making the certificate completely invalid. This is exactly what `gpg` does when it exports a certificate, and only exports the newest self signature for each component. For me that means that whenever a user tries to install a certificate, `rpm` should unconditionally try and merge it with the existing version. The openpgp backend would also need to provide an interface to merge two versions of a certificate. This will be trivial to implement in rpm-sequoia, but will be very complicated to implement for the internal backend.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2577#issuecomment-1718968485
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/2577/1718968485 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20230914/ad2e264a/attachment.html>
More information about the Rpm-maint
mailing list