See my comment above, the situation has not changed in any way.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Is there a chance to revive this? from a quick look they seem pretty
interchangeable.
The main difference is see its more modern and complex. Not vendoring comes
with the advantage not needing to maintain the code anymore and not duplicating
those libraries on the system.
--
You are
A signature of another type will just fail to verify, which is what matters.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Closed #1742.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1742#event-5304375153___
Rpm-maint mailing list
To conclude, neither revocation or expiry is particularly meaningful in the rpm
context, only a very limited subset of OpenPGP spec is relevant to rpm.
Revoking has been discussed at length here already, and while expiry is far
simpler on the outset, tick of the clock will not remove expired
Closed #1598.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1598#event-5304296943___
Rpm-maint mailing list