Skip to content
Snippets Groups Projects
New look: Off

Add support for using `sop` for signing and verification

    • Open Issue created by Wiktor Kwapisiewicz @wiktor

    It seems that devtools signs and verifies using GnuPG but it should be relatively simple (famous last words) to make it support the Stateless OpenPGP (sop) interface.

    Potential issues:

    • GnuPG asks for a key fingerprint while sop needs signing certificate (basically a public key of the signing one). This would probably require additional config option where the user could insert their armored cert.
    • This should be an opt-in to not disrupt the existing flows (if the user configures sop it will use sop but if not it will continue with gpg)
    • Open question: should the exact sop implementation be configurable? There are many choices: rsop, rsop-oct, sqop.

    CC'ing @dvzrv with whom I've discussed the idea and also @heiko who may be interested.

    To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

    Child items 0

    • No child items are currently assigned. Use child items to break down this issue into smaller parts.

    Activity

    Please register or sign in to reply