On Sat, Mar 26, 2011 at 09:51:43PM +0100, Torsten Werner wrote: > Am 26.03.2011 19:34, schrieb Philipp Kern: > > So what should happen in this case: If you can connect to a mirror and have a > > trust path to it, check if a new version of debian-archive-keyring is > > available. If so, upgrade it and update the package lists. Only then try to > > connect to security. The trust path to the main mirror will be the stable > > release key that's fixed for the whole stable release lifetime. > d-i should even be prepared for the emergency case where the archive key > has been compromised somehow and the trust chain breaks. It could > display the current fingerprint to the user and ask him if it is okay to > continue. That'd require an online *and* an offline key compromise, though. Kind regards Philipp Kern
Attachment:
signature.asc
Description: Digital signature