Things that need to be discussed:
- which signature header tags to (re-)use? (My preference is the gpg tags.)
- do we want to add `RPMRC_UNSUPPORTED` for unsupported algorithms/curves?
Currently unsupported sigs are reported as bad, which is not nice.
- do we want to allow the import of unsupported pubkeys? We currently do not
allow that, my preference is to keep it that way.
Bonus questions:
- what is RPMRC_NOTTRUSTED?
- what is `sinfo->sigalgo`? It does not seem to be set anywhere.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1202#issuecomment-625704348
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
