[Rpm-maint] [rpm-software-management/rpm] Implement a new openpgp.cert.d based keystore (Issue #3341)

Neal Gompa (ニール・ゴンパ) notifications at github.com
Mon Nov 11 10:59:48 UTC 2024


Actually, I'd flip it on its head: trust should be per-system instance and can be in `/etc/pki/rpm-pgp/trusted-keys.d` and a regular `/etc/pki/rpm-pgp/keys.d` and `/usr/share/pki/rpm-pgp-keys.d` (or `/usr/lib/sysimage/rpm-pgp-keys.d`) for keys that need TOFU (as the current workflow does now with packaged keys) is what I think we should do.

I feel like that describes enough of how this works.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3341#issuecomment-2467888265
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/3341/2467888265 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20241111/d7c6e4e6/attachment.html>


More information about the Rpm-maint mailing list