Hi Florian, On Tue, 10 May 2022 12:04:52 +0200, Florian Weimer wrote: > * Neal H. Walfield: > > > There are two major constraints. Because rpm's OpenPGP API is public, > > it must be preserved until the next soname bump. And, the OpenPGP > > backend should be pluggable. > > How is this plug-in mechanism supposed to work? Via RPM configuration > files?
It is a build-time configuration option. When you configure rpm, you can do: ./configure --with-crypto=sequoia to get the Sequoia backend. --with-crypto defaults to libgcrypt, which uses the internal OpenPGP implementation with libgcrypt. (There is also --with-crypto=openssl, which uses the internal OpenPGP implementation with OpenSSL.) This is not intended for users to be able to dynamically change the OpenPGP backend. In practice, I would expect that a distro would standardize on a backend. :) Neal