Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Multi-signature verification support #567

Open
phmccarty opened this issue Jan 15, 2020 · 0 comments
Open

Multi-signature verification support #567

phmccarty opened this issue Jan 15, 2020 · 0 comments
Labels
enhancement Feature request for autospec refactor-needed Refactoring needed to fix issue or implement feature review Issue to be reviewed as being in-scope or out-of-scope for autospec

Comments

@phmccarty
Copy link
Contributor

The release tarball for the current stable release of gnupg, version 2.2.19, was signed by two keys, producing a single detached signature file containing two concatenated signatures. However, autospec currently assumes that a sig file contains one signature.

Supporting multiple signatures will require some redesign of autospec's pkg_integrity module and how autospec tracks the keys, so I'm labeling this as an enhancement.
@phmccarty phmccarty added the enhancement Feature request for autospec label Jan 15, 2020
@phmccarty phmccarty mentioned this issue Jan 17, 2020
Merged
@phmccarty phmccarty added review Issue to be reviewed as being in-scope or out-of-scope for autospec refactor-needed Refactoring needed to fix issue or implement feature labels Apr 15, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Feature request for autospec refactor-needed Refactoring needed to fix issue or implement feature review Issue to be reviewed as being in-scope or out-of-scope for autospec
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@phmccarty