Re: [Rpm-maint] [rpm-software-management/rpm] RFE: sign the signature header contents too (Issue #2224)

Demi Marie Obenour Mon, 02 Dec 2024 15:41:03 -0800

I see.  In that case multi-stage signing would not work, but RPM headers are 
non-malleable once the constraints I mentioned above are enforced, so one can 
sign “every header but this one” in an unambiguous and secure way.  I think 
this is @pmatilai’s proposal.


-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2224#issuecomment-2512809050
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/2224/2512809...@github.com>

_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
https://lists.rpm.org/mailman/listinfo/rpm-maint

Re: [Rpm-maint] [rpm-software-management/rpm] RFE: sign the signature header contents too (Issue #2224)

Reply via email to