Key import and verification already works, it's just that rpm does not know
where to put the signature.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/3034
-- Commit Summary --
* Allow signing with ECDSA keys
-- File Chan
See also 23770e1a4f28c56a31fe600cae332c77333b60b6
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3034#issuecomment-2051692148
You are receiving this because you are subscribed to this thread.
Message ID: _
Maybe we should put all unknown algorithms into the DSA slots. I think the
distinction was just done so that very old rpm versions didn't trip when they
saw a non-rsa signature. Another reason could have been to allow both signing
with the old RSA/MD5 (for compat reasons) and the new DSA/SHA1 co
I wonder if the License of the generated debugsource package should be derived
from the SourceLicense tag or not. Do we assume the debugsource package
contains sources, hence it is covered by SourceLicense, or do we assume it only
contains sources of stuff that has been built, and hence should n