On 10/31/2017 10:15 AM, Roberto Ragusa wrote: > On 10/31/2017 09:52 AM, Miroslav Suchý wrote: >> I just stumbled upon >> https://unix.stackexchange.com/questions/400634/does-anyone-bother-to-remove-rpmkeys >> with the nice link to: >> https://blog.laimbock.com/2014/05/02/how-to-remove-an-imported-gpg-key-from-rpm/ >> And I wonder: is it a good idea to keep old gpg keys in RPM db? Or should we automate the removal of old keys? > > They indeed pile up after many upgrade cycles: > > # rpm -qa gpg-pubkey --qf "%{version}-%{release} %{summary}\n"|wc -l > 64 Do we issue revocations for old keys? If not, let's do that and extend dnf to honor those and clean up? -- David Cantrell <dcantrell@xxxxxxxxxx> Red Hat, Inc. | Boston, MA | EST5EDT _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
