@JanZerebecki This work is meant to create the conditions to move to new signatures over time while retaining backwards compatibility.
A draconian policy that does not contemplate the possibility of getting an RPM with unknown signatures would make any transition impossible. I am sure it should be an optional policy you can set on your system if you want to be strict, but we are talking about reasonable defaults here. Of course if rpm does not recognize *any* signature it should fail, but as long as it can verify all known ones it is fine. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/3385#issuecomment-2460359947 You are receiving this because you are subscribed to this thread. Message ID: <rpm-software-management/rpm/issues/3385/[email protected]>
_______________________________________________ Rpm-maint mailing list [email protected] http://lists.rpm.org/mailman/listinfo/rpm-maint
