On Fri, Dec 31, 2021 at 3:32 AM Vitaly Zaitsev via devel
<devel@lists.fedoraproject.org> wrote:
>
> On 30/12/2021 12:58, Roberto Sassu wrote:
> > This has not been decided yet, but likely the Fedora kernel will
> > contain the official Fedora keys, and the user will decide to add
> > new keys (including those from COPR).
>
> 1. What about self-built RPMs? I always build RPMs in mock and test them
> locally before submitting them to Koji as Fedora updates.

Sounds like, if this is enabled, they'll need a GPG key associated
with their personal repository.

> 2. Such keys must be added/removed automatically with the corresponding
> COPR repositories.

Key management is one of the reasons GPG validation od deployed
software has never really taken off.
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Reply via email to