Clemens Lang venit, vidit, dixit 2026-01-05 21:46:21: > Hi, > > > On 2. Jan 2026, at 18:24, Gary Buhrmaster <[email protected]> wrote: > > > > I have not followed the other major distros > > (including, perhaps importantly, a major > > Enterprise Linux's planning processes for > > ELnext). Do we have any indications as to > > what they are doing or planning? > > RHEL uses Sequoia-PGP for RPM and is working to add sequoia support to other > clients (podman, buildah, skopeo, eventually ostree, flatpak). Some of those > have already landed upstream. > > Availability of PQC signatures is a major driving factor for this, but not > the only one. As of RHEL 10, libgcrypt (the implementation of cryptographic > primitives underpinning GnuPG) is no longer considered a core cryptography > library of RHEL. > > RHEL 10 already contains RPM signing keys that cannot be understood by GnuPG.
Why oh why? I mean, I'm all for replacing gnupg by something better. But why is RH deliberately chosing key types which force sequoia adoption? I'm sorry to say, but that's another display of the attitude around the sequoia project which keeps at least some people from embracing it. Michael -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
