Zbigniew Jędrzejewski-Szmek wrote:
> In more mundane words: a signature will be shipped in the rpm for each
> file separately? And what will be done with this signature on the
> destination machine: will it be kept in the rpms database or something
> more?
As I understand it, yes.
> What is the overhead on packed rpm size, rpm database, on-disk
> installation?
Huge, see Panu Matilainen's comment in this thread.
> I don't think we should forbid opt-in verification, no matter if
> centrally managed or not. It's not 1995 and people have fleets of machines
> that are centrally managed...
If it is locally centrally managed, that means people are using their own
signatures and don't need Fedora to put them into the RPMs.
> ... but that is a good question. The "Benefit to Fedora" to Fedora doesn't
> actually explain why those signatures are better than the ones we already
> have.
I guess it is to comply with some standard that absolutely needs per-file
signatures.
rpm -V can already verify the integrity of each file by checking the file's
cryptographic checksum that is signed (as a part of the package contents)
with the package signature.
Kevin Kofler
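
The argument in the last paragraph of the message above, that a single package signature covering a header of per-file checksums already authenticates each file, modelled as an added example (not part of the original message and not rpm's code). HMAC-SHA256 stands in for the OpenPGP package signature; the key, header layout and file names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed stand-in for the packager's signing key. Real RPM packages use
# an OpenPGP public-key signature; HMAC keeps this example stdlib-only.
SIGNING_KEY = b"constructed-demo-key"


def file_digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_package(files: dict) -> dict:
    """Return a constructed header (path -> digest) plus ONE signature over it."""
    manifest = {path: file_digest(data) for path, data in files.items()}
    blob = json.dumps(manifest, sort_keys=True).encode()
    sig = hmac.new(SIGNING_KEY, blob, hashlib.sha256).hexdigest()
    return {"manifest": manifest, "signature": sig}


def header_is_authentic(pkg: dict) -> bool:
    blob = json.dumps(pkg["manifest"], sort_keys=True).encode()
    expected = hmac.new(SIGNING_KEY, blob, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, pkg["signature"])


def verify_installed(pkg: dict, on_disk: dict) -> dict:
    """Per-file verdicts: 'ok', 'modified', 'missing', or 'untrusted-header'."""
    if not header_is_authentic(pkg):
        return {path: "untrusted-header" for path in pkg["manifest"]}
    result = {}
    for path, digest in pkg["manifest"].items():
        if path not in on_disk:
            result[path] = "missing"
        elif file_digest(on_disk[path]) == digest:
            result[path] = "ok"
        else:
            result[path] = "modified"
    return result


# Constructed sample package contents.
SHIPPED = {"/usr/bin/demo": b"\x7fELF demo", "/etc/demo.conf": b"mode=safe\n"}
PKG = build_package(SHIPPED)

if __name__ == "__main__":
    tampered = dict(SHIPPED, **{"/usr/bin/demo": b"\x7fELF patched"})
    print(verify_installed(PKG, tampered))
```

A file changed on disk is reported as modified, and editing the stored digest to match it invalidates the one signature over the header.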