Entries by Calvin Buckley

RPM Package Signing

In our current work with RPMs, we’re adding digital signatures to our PHP packages to enhance their security. Package signing ensures the integrity of a package at rest by detecting and deterring tampering. A package is signed with a private key, and the signature is then validated with the public key provided by the package builder and installed by the user. This technique complements TLS encryption, which guards against tampering and snooping in transport.