RPM GPG key is not accepted by new RPM versions
The directions for getting started on Linux instruct you to run the command:
sudo rpm --import https://downloads.1password.com/linux/keys/1password.asc
However this no longer works on Fedora 35, with the following error:
error: https://downloads.1password.com/linux/keys/1password.asc: key 1 import failed.
After going through rpm's git history to bisect the cause, it turned out to be this commit:
commit f22499a05d0a01e35dd10d7644f8d74391ba4222 (HEAD, refs/bisect/bad) Author: Panu Matilainen <REDACTED> Date: Tue Jun 15 14:18:23 2021 +0300 Reject unimplemented critical PGP packets as per RFC-4880 Bit 7 of the subpacket type is the "critical" bit. If set, it denotes that the subpacket is one that is critical for the evaluator of the signature to recognize. If a subpacket is encountered that is marked critical but is unknown to the evaluating software, the evaluator SHOULD consider the signature to be in error. We only implement creation time and issuer keyid, everything else is unimplemented and should be flagged as an error if critical as per above. Initial patch by Demi Marie Obenour.
In other words, RPM has become more strict in how it interprets GPG keys, and thus 1password's GPG key is now invalid.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Fedora Silverblue 35