reply to Neal Gompa:
On Tue, Apr 14, 2020 at 10:57 AM cunix <cunix@gmx.net> wrote:
reply to Neal Gompa: [...]
We can just resign packages without rebuilding them.
Yes, after obs verified by rebuilding that it would have created the same binary as produced by SUSE internals.
And "resign" in the sense of "adding" a second (openSUSE) signature, not in the sense of "replacing" the existing (SUSE) signature.
Of course this has to be supported by the tools used (repeating posted link [1]).
Is this possible?
Not that. But we can replace signatures without touching the payload. rpm-sign can delete and add signatures, and so can obs-signd.
While I'd like to have packages from the official openSUSE repositories signed by an openSUSE key, I got the impression others prefer to have a SUSE signature for shared packages. If this is one or the other, there seems to be a conflict hard to solve. Therefore I would prefer a solution where we can have both at the same time. cunix -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org To contact the owner, email: opensuse-project+owner@opensuse.org