From e10ae4cbdd5233b5a249728b26cd4aeed20a85f5 Mon Sep 17 00:00:00 2001
From: Michał Górny <mgorny@gentoo.org>
Date: Wed, 21 Sep 2022 20:14:09 +0200
Subject: glep-0078: Clarify that Manifest must be present for signed binpkg
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Michał Górny <mgorny@gentoo.org>
Signed-off-by: Ulrich Müller <ulm@gentoo.org>
---
 glep-0078.rst | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/glep-0078.rst b/glep-0078.rst
index d77576a..3c7e899 100644
--- a/glep-0078.rst
+++ b/glep-0078.rst
@@ -228,6 +228,11 @@ If the Manifest is present, all files contained in the archive must
 be listed in it and verify successfully.  The package manager should
 ignore unknown files but preserve them across package updates.
 
+For a binary package to be considered signed and suitable for
+authenticity verification, the Manifest file must be present and contain
+a valid signature.  It is recommended to include detached signatures
+for archive members as well.
+
 
 Permitted .tar format features
 ------------------------------
-- 
cgit v1.2.3-65-gdbad