On Fri, Dec 31, 2021 at 3:32 AM Vitaly Zaitsev via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > On 30/12/2021 12:58, Roberto Sassu wrote: > > This has not been decided yet, but likely the Fedora kernel will > > contain the official Fedora keys, and the user will decide to add > > new keys (including those from COPR). > > 1. What about self-built RPMs? I always build RPMs in mock and test them > locally before submitting them to Koji as Fedora updates. Sounds like, if this is enabled, they'll need a GPG key associated with their personal repository. > 2. Such keys must be added/removed automatically with the corresponding > COPR repositories. Key management is one of the reasons GPG validation od deployed software has never really taken off. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
