Hi, > The current support for .deb signatures (as implemented by debsigs > and debsig-verify, which dpkg can be configured to call by disabling > the «no-debsig» configuration option), has multiple limitations. > > The following are the main redesign objectives, which try to fix > those limitations: [...]
I'm not deeply invested in signatures, just an average Debian Developer that uses them quite often. I got immediately lost in the transition from "there are limitations" to a list of detailed design proposals. Is there a summary of the limitations somewhere at a level of "just a user" could follow? All I'm really hoping to do is follow the design discussion at a "how does it impact me" level. Thanks, -Steve
signature.asc
Description: This is a digitally signed message part.
