Replies: 7 comments 1 reply
-
Google Chrome RPMs are signed with a weak 1024-bit DSA key because old versions of RPM lack subkey support, so I would indeed consider supporting subkeys to be important as the lack of such support causes real-world problems.
-
Also, dropping subkey support could cause false reports of database corruption, since signatures in the RPMDB made by subkeys would no longer verify.
-
Dropping subkeys would only turn the verification to NOKEY, not fail, so rpmdb is not affected. I fail to see how Google using DSA keys relates to subkeys in any way at all.
-
Looks like Google, Alma, and Brave all have signing-capable subkeys. Since generating such keys is not the default in GnuPG or any other GPG implementation that I am aware of, presumably these subkeys are actually used. In the case of Google, I know they are used, and the lack of subkey support in old RPM versions is causing problems for them.
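To check for yourself whether a vendor key carries signing-capable subkeys, here is an added example (not code from rpm or from any of the commenters) that walks a dearmored OpenPGP public key, computes the v4 key ID of the primary key and each subkey, and reads the key-flags subpacket from the self-signature or subkey-binding signature that follows each of them. It assumes v4 keys with old- or new-format packet headers and no partial body lengths; the sample key bytes are constructed for the demonstration and are not a real key, and the flags it reports are only meaningful once the binding signature has actually been verified, which this inspection does not do.

```python
import hashlib, struct, sys
def _len(buf, i, old=None, sub=False):
    # Length field: old-format lentype 0/1/2 (3 = indeterminate, not handled), new-format packet, or subpacket.
    if old is not None: return int.from_bytes(buf[i:i + (1, 2, 4)[old]], "big"), i + (1, 2, 4)[old]
    b = buf[i]
    if b < 192: return b, i + 1
    if b < (255 if sub else 224): return ((b - 192) << 8) + buf[i + 1] + 192, i + 2
    if b == 255: return int.from_bytes(buf[i + 1:i + 5], "big"), i + 5
    raise ValueError("partial body lengths are not handled")
def iter_packets(buf):
    # Yield (tag, body) for every packet; both old- and new-format headers are accepted.
    i = 0
    while i < len(buf):
        hdr = buf[i]
        if hdr & 0x40: tag, (n, i) = hdr & 0x3F, _len(buf, i + 1)
        else: tag, (n, i) = (hdr >> 2) & 0x0F, _len(buf, i + 1, old=hdr & 3)
        yield tag, buf[i:i + n]
        i += n
def v4_key_id(body):
    # Low 64 bits of the v4 fingerprint: SHA-1 over 0x99 || 2-byte length || key packet body.
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).digest()[-8:].hex().upper()
def key_flags(sig):
    # Key-flags subpacket (type 27) from a v4 signature's hashed area, or None if absent.
    if sig[0] != 4: return None
    area, i, flags = sig[6:6 + struct.unpack(">H", sig[4:6])[0]], 0, None
    while i < len(area):
        n, i = _len(area, i, sub=True)
        if area[i] & 0x7F == 27: flags = area[i + 1]
        i += n
    return flags
def describe_key(buf):
    # [(role, key_id, flags)]; flags come from the last self-certification (0x10..0x13) or
    # subkey-binding (0x18) signature following each key packet. Nothing is verified here.
    out, cur = [], None
    for tag, body in iter_packets(buf):
        if tag in (6, 14): out.append(cur := ["primary" if tag == 6 else "subkey", v4_key_id(body), None])
        elif tag == 2 and cur is not None and body[1] in (0x10, 0x11, 0x12, 0x13, 0x18):
            if (f := key_flags(body)) is not None: cur[2] = f
    return [tuple(k) for k in out]
def signing_subkeys(buf):
    return [kid for role, kid, f in describe_key(buf) if role == "subkey" and f and f & 0x02]

# Constructed sample, not a real key: RSA primary (certify+sign), one signing subkey, one encryption subkey.
def _pkt(tag, body): return bytes([0x80 | tag << 2 | 1]) + struct.pack(">H", len(body)) + body
def _key(n): return b"\x04" + struct.pack(">IB", 1700000000, 1) + b"\x00\x10" + struct.pack(">H", n) + b"\x00\x11\x01\x00\x01"
def _sig(t, flags): return bytes([4, t, 1, 8, 0, 3, 2, 27, flags, 0, 0, 0xAB, 0xCD])  # no MPI: cannot verify
SAMPLE_KEY = (_pkt(6, _key(0xC3F1)) + _pkt(13, b"Example <pkg@example.invalid>") + _pkt(2, _sig(0x13, 0x03))
              + _pkt(14, _key(0xB2E7)) + _pkt(2, _sig(0x18, 0x02)) + _pkt(14, _key(0xA1D9)) + _pkt(2, _sig(0x18, 0x0C)))
if __name__ == "__main__":  # python3 inspect_key.py dearmored-key.bin  (no argument: the constructed sample)
    print(*describe_key(open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_KEY), sep="\n")
```

To run it against a real vendor key, dearmor it first (`gpg --dearmor < RPM-GPG-KEY-file > key.bin`); a subkey ID that comes back with the 0x02 flag set is the 16-hex-digit Key ID `rpm -qi` shows for packages signed with that subkey.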
-
Alma Linux packages are signed by a signing-capable subkey, so disabling subkey support would break them.
-
So to answer your question @pmatilai: yes, Alma Linux is a major user of RPM’s subkey support.
-
So we have one known user, and not a very major one considering this is the first time I ever heard of it.
-
It's become painfully clear that the subkey support added in rpm 4.13 was naively innocent and lacking any of the necessary validation and computations it takes to meaningfully utilize PGP subkeys, and has opened a whole can of security worms that simply do not exist with primary keys only. Keeping this feature afloat does not seem anywhere near worth the trouble to me (while we're relying on our own OpenPGP parser, that is).
Consider this a poll of a kind: no doubt there are some users relying on the feature, but are there major users?