[Rpm-maint] [rpm-software-management/rpm] RFE: add support for multiple OpenPGP signatures per package (Issue #3385)

Simo Sorce notifications at github.com
Wed Nov 6 17:20:54 UTC 2024


@JanZerebecki

This work is meant to create the conditions to move to new signatures over time while retaining backwards compatibility.

A draconian policy that does not contemplate the possibility of getting an RPM with unknown signatures would make any transition impossible. I am sure it should be an optional policy you can set on your system if you want to be strict, but we are talking about reasonable defaults here.

Of course if rpm does not recognize *any* signature it should fail, but as long as it can verify all known ones it is fine.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3385#issuecomment-2460359947
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/3385/2460359947 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20241106/37f7afa1/attachment.html>


More information about the Rpm-maint mailing list