Ubuntu
debian-archive-keyring package

Please SRU archive keyrings to older releases

Bug #1752656 reported by Nish Aravamudan on 2018-03-01

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	debian-archive-keyring (Ubuntu)	New	Undecided	Unassigned
	ubuntu-keyring (Ubuntu)	New	Undecided	Unassigned

Bug Description

While not necessarily a critical issue for the Ubuntu keyrings, as Debian uses newer keys periodically, it becomes impossible with the default keyrings to verify the latest Debian archive files.

It seems reasonable to ensure the keyring contents in all releases are the same, as the latest release is reflecting the latest archives.

Related: bug 1801725

See original description

Robie Basak (racb) on 2018-11-05

description:

updated

Revision history for this message

Colin Watson (cjwatson) wrote on 2019-07-08:

Note that SRUing debian-archive-keyring to xenial and earlier is hard, because its keyring generation code relies on gpg features that were added after bionic, and avoiding those features would break reproducibility of the generated keyring files and invalidate the signatures by Debian release team members. If we need to do this it's possible the only sensible option would be to smash in the generated files.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntudebian-archive-keyring package

Please SRU archive keyrings to older releases

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
debian-archive-keyring package