Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Fedora 38 Looks To Shift RPM To Sequoia, A Rust-Based OpenPGP Parser

Written by Michael Larabel in Fedora on 30 November 2022 at 08:30 AM EST. 36 Comments

FEDORA

For the past two decades the RPM package manager software has relied upon its own OpenPGP parser implementation for dealing with package keys and signatures. With Fedora 38 they plan to have their RPM package shifted to use the Rust-written "Sequoia" parser instead.

RPM's own OpenPGP parser implementation has been a maintenance burden and redundant when better supported parsers exist. Upstream RPM has been working to deprecate the internal parser in favor of moving to Sequoia PGP.

Sequoia PGP is an OpenPGP library and with written in Rust is focused on safety and correctness among its design principles.

Fedora developers are eager to move to that RPM with Sequoia PGP and hope to see it all ready for Fedora 38. Switching to this proper OpenPGP parser should lead to improved security and standards compliance. Eventually this will also lead to better error messages and other possible improvements.

This change for Fedora 38 is still being discussed via the devel mailing list. Those wishing to learn more about the RPM Sequoia feature for F38 next year can see this Wiki page for all the details.

36 Comments

Related News

Fedora COSMIC Desktop Spin Proposed For Fedora 42

Fedora 42 Looking To Package Intel SGX Software Stack

Fedora 42 Aims To Enhance The Windows Subsystem For Linux Experience

Fedora Stakeholders Debate Concerns Over "Karma" Term For Their Updates System

Fedora KDE Desktop Spin Promoted To Same Tier As GNOME-Based Fedora Workstation

Fedora Stakeholders Debate Idea Of "-O3" Optimized Packages

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts

Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels

Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd

How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs

COSMIC Alpha 4 Released For System76's Rust-Based Desktop

Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal

GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd

KDE Starts December By Landing A Number Of New Features