I do not think we want to get into the rabbit hole of considering multiple
signatures this way.
If people really want to bind multiple signatures together they will be able to
issue a hybrid signature in future that does the proper binding at the
signature level.
If you still wanted to sign headers then the proper solution would require
multistage signing:
1) you would need a way to tell rpm what signatures you are planning to use, so
that you can lay out the headers with all the data save the actual signature
bytes, those would be skipped or set to an array of zeros.
2) you would then apply each signature in turn, and finally you would fill the
zeroed arrays with the signatures produced. Verification would need to zero out
all signature fields before feeding the data to the verification function.
I think this is needlessly complicated and will prevent adding additional
features by 3rd parties, a feature I think has significant promise.
I would rather leave it to local policies to enforce specific signature types
and specific keys to be validated and not try to create this kind of binding.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2224#issuecomment-2511670253
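
The two-stage scheme described in the message above, as an added example that is not part of the original message and is not rpm code. HMAC-SHA256 stands in for real signature algorithms; the header layout, function names and keys are assumptions made for illustration.

```python
import hashlib, hmac, struct

SIG_LEN = 32  # HMAC-SHA256 size; stand-in for a real signature algorithm

def build_layout(data: bytes, names: list[str]) -> bytearray:
    """Stage 1: declare every planned signature and reserve a zeroed slot for it."""
    buf = bytearray(struct.pack(">H", len(names)))
    for name in names:
        tag = name.encode()
        buf += struct.pack(">B", len(tag)) + tag + bytes(SIG_LEN)
    return buf + data

def slots(buf: bytearray) -> dict[str, int]:
    """Map each declared signature name to the offset of its slot."""
    (count,) = struct.unpack_from(">H", buf, 0)
    pos, found = 2, {}
    for _ in range(count):
        n = buf[pos]
        found[bytes(buf[pos + 1:pos + 1 + n]).decode()] = pos + 1 + n
        pos += 1 + n + SIG_LEN
    return found

def zeroed(buf: bytearray) -> bytes:
    """The bytes every signer and verifier sees: all signature slots set to zero."""
    out = bytearray(buf)
    for off in slots(buf).values():
        out[off:off + SIG_LEN] = bytes(SIG_LEN)
    return bytes(out)

def sign_all(buf: bytearray, keys: dict[str, bytes]) -> None:
    """Stage 2: sign the zeroed layout with each key, then fill the slots."""
    msg = zeroed(buf)
    for name, off in slots(buf).items():
        buf[off:off + SIG_LEN] = hmac.new(keys[name], msg, hashlib.sha256).digest()

def verify(buf: bytearray, name: str, key: bytes) -> bool:
    """Zero all slots, recompute, and compare against the stored slot."""
    off = slots(buf)[name]
    want = hmac.new(key, zeroed(buf), hashlib.sha256).digest()
    return hmac.compare_digest(want, bytes(buf[off:off + SIG_LEN]))

def strip_to(buf: bytearray, data: bytes, keep: str) -> bytearray:
    """Rebuild the package declaring only `keep`, reusing its original signature."""
    out = build_layout(data, [keep])
    old, new = slots(buf)[keep], slots(out)[keep]
    out[new:new + SIG_LEN] = buf[old:old + SIG_LEN]
    return out
```

In this sketch, changing the bytes in one slot leaves the other signatures valid because every slot is zeroed before verification, while removing a declared signature changes the signed layout and invalidates the ones that remain.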