On 07/ 8/10 02:12 AM, Darren J Moffat wrote:
On 07/07/2010 23:43, Brock Pytlik wrote:
[snip]
If the intent is that the signature section only exists in signed
packages you just need pkg.sigalg=rsa-sha256, you don't need a
pkg.hashalg as well.
However if the intent is to have pkg.hashalg be used for non signed
packages then having both pkg.hashalg and pkg.sigalg present when they
are signed is fine too.
I feel like we're talking past each other here, so I'm going to try and
rephrase the question I have.
You keep saying that pkg.sigalg should be something like "rsa-sha256."
I'm asking why it's not possible to construct that value from two
pieces, pkg.hashalg, which has values like "sha256", "sha512", and
pkg.foo (for now let's just call it pkg.foo), which has values like
"rsa", "dsa", "ecdsa", etc...
I haven't seen any reason yet why that's not a rational thing to do. If
it is a rational thing to do, then I'm suggesting that pkg.foo actually
be called pkg.sigalg. Having these two pieces which, to me at least,
seem orthogonal, stored in separate places and then combined makes more
sense to me than storing x^2 long strings.
Thanks,
Brock
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
