https://bugzilla.redhat.com/show_bug.cgi?id=1834731
--- Comment #91 from Simone Caronni <[email protected]> --- Basically verification requires at least one signature to be valid. I will pipe the output of a script like the one above and just grep for at least one occurrence of "^gpgv: Good signature from". This way, also in the future, after lots of revocations, as long as one of the signatures is valid the release can be verified, and the one "grepped" can also be different every time. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=1834731 _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
