minisign icon indicating copy to clipboard operation
minisign copied to clipboard

Published 20 hours ago verified publisher icon jedisct1

System trusted public keys

Open kallisti5 opened this issue 2 years ago • 3 comments

Is it possible to have a system directory of trusted public keys?

As a use case example, Haiku (the operating system) places read-only minisign public keys for our artifacts in /boot/system/data/trust_db (example: /boot/system/data/trust_db/haiku-2019.pub)

It would be a cool feature if minisign could additionally search this directory for system trusted signing keys.

Would minisign be interested in a patch doing something similar to this under Haiku?

kallisti5 avatar Jul 25 '21 14:07 kallisti5

As long as it doesn't add too much complexity to the code, why not!

Keys have identifiers, so I guess the plan would be to name files according to these identifiers?

jedisct1 avatar Jul 25 '21 16:07 jedisct1

Also, Haiku is nice, but such feature should ideally remain portable C that works on other operating systems as well.

jedisct1 avatar Jul 25 '21 16:07 jedisct1

Haiku's fully posix, so anything added would be portable :-)

kallisti5 avatar Jan 25 '22 20:01 kallisti5