[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: amd64 stable release signature problems?

On Wed, Jul 26, 2006 at 12:14:30PM +0200, Goswin von Brederlow wrote:
> "Ed L. Cashin" <ecashin@coraid.com> writes:
...
> > I can get rid of the error that way, but I still am curious about why
> > there's a bad signature on the release file for the amd64 stable APT
> > repository.
> 
> But sarge users will still have it.

You mean amd64 sarge users still have a BADSIG error when running
apt-get update?

  makki:/home/ecashin# apt-get update
...
  Reading package lists... Done
  W: GPG error: http://amd64.debian.net stable Release: The following signatures were invalid: BADSIG E415B2B4B5F5BBED Debian AMD64 Archive Key <debian-amd64@lists.debian.org>
  W: You may want to run apt-get update to correct these problems

If not, I suppose sarge isn't using the public key crypto stuff, which
would explain why this still hasn't been fixed.  However, then the
question would be: if sarge isn't using public key crypto, why is the
release file signed at all?

So if the Release file has a bad signature, who would be the one to
remove the signature?  I wouldn't mind contacting that person.

-- 
  Ed L Cashin <ecashin@coraid.com>
Reply to: