@dralley commented on this pull request.
> @@ -56,6 +56,8 @@ contains an OpenPGP signature on the header + payload data.
> The PGP
tag is used for RSA signatures and the GPG tag is used for DSA
signatures.
+Note: the signature tags overlap with those of the main header.
The precise meaning of this is a bit ambiguous. It might be possible to read
this as "some tags can exist in both headers simultaneously" or "some tags can
exist in either header". The latter is technically true but isn't that more an
artifact of how the headers get merged together than "correctness"?
It's definitely not universally true, as something would have to be seriously
broken for a main header checksum/signature to end up in the main header :)
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2861#pullrequestreview-1834626951
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/2861/review/1834626...@github.com>
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint