docs: explain "digest" vs "signature" fields for RPMs

2022-01-14 11:39:19 -05:00 · 2022-01-14 11:39:19 -05:00 · 5196f73d51
commit 5196f73d51
parent c56c73a2e9
1 changed files with 2 additions and 1 deletions
--- a/docs/source/signing.rst
+++ b/docs/source/signing.rst
@ -38,7 +38,8 @@ the public GPG key into their RPMDB::
      Payload SHA256 digest: OK
      MD5 digest: OK

-Note there is no "RSA/SHA256 Signature" header field on the RPM here.
+Note there are only "digest" fields here, no "Signature" fields since this RPM
+is unsigned.

 *Example: A GPG signature that rpmdb DOES trust*::