Oh, and that's of course just the "do nothing" scenario. We certainly want to
keep the crypto provider build-time switchable, so if somebody wants to take,
say, the existing parser and run with it, they're welcome to do so. I only
really care about getting it out of *my* hair.
--
Reply to
I don't see an issue. For rpm, there must be a way to build it without Rust,
this is just for sanity's sake. Those who insist on having signatures all the
way through (good luck with that), just consider Rust to be a bootstrap
requirement then. It's a choice, like any other.
--
Reply to this
Bootstrapping without Rust has been mentioned as a requirement on the Fedora
development mailing list. However, not being able to verify signatures is a
very bad idea for security. This discussion is about trying to resolve this
conundrum.
--
Reply to this email directly or view it on