On 12/08/2016 09:28 AM, Jelle van der Waa wrote:
On 12/08/16 at 07:56am, Eli Schwartz wrote:
What happens when you have validpgpkeys and want to check a file but the repository is not signed? What happens when you have two repositories and only one is signed?
Yes that's tricky, and exactly why I wanted to start a discussion here :)
So currently everything works correctly, absent this^^. Checked with signed tags, branches, commits. Actually, there is no validpgpkeys check, since file signatures still fail when pgpsigs are checked but no validpgpkeys are declared (so why change that if we don't have to), but other than that... Way too many if statements, hopefully that can be reworked somehow, but the important thing is it doesn't fall over. Possibilities for switching on repository signature checking: - Add something to the url fragment to indicate it is signed. - All-or-nothing (distasteful) check on ``` (( ${#validpgpkeys[@]} > 0 )) ``` - Warn and continue (distasteful)? We should hope for something better than second-class citizenship. Anyone else have ideas on this? -- Eli Schwartz