Hi Todd--

On Fri 2024-07-26 09:54:32 -0400, Todd Zullinger via Gnupg-users wrote:
> A reasonably common use case for gpgv is to verify
> signatures on release artifacts by distribution packaging
> tools.  Being able to use the upstream provided key
> material, which is typically armored, would make things a
> bit simpler and easier to verify for people interested in
> ensuring those packages are using the proper key material
> and are not introducing any issues.

I recommend using any sopv implementation for that use case, since sopv
is specified to explicitly accept both armored and unarmored
certificates as verification targets.

             --dkg

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to