On Tue, Nov 7, 2017 at 2:36 AM, Roberto Sassu <roberto.sassu@xxxxxxxxxx> wrote: > Finally, digest lists address also the third issue because Linux > distribution vendors already provide the digests of files included in each > RPM package. The digest list is stored in the RPM header, signed by the > vendor. RPM's hardly universal, and distributions are in the process of moving away from using it for distributing non-core applications (Flatpak and Snap are becoming increasingly popular here). I think this needs to be a generic solution rather than having the kernel tied to a specific package format.
