Re: apt in experimental (Re: APT 0.6 migration -- second status report)
On Wed, May 04, 2005 at 11:51:21PM +0200, Goswin von Brederlow wrote:
> Matt Zimmerman <mdz@debian.org> writes:
> > In mainline, there is a facility for adding new keys to the keyring by
> > updating the apt package.
>
> Which can't be done (savely) if the key is compromised or expires
> before the update (like it does every year).
If the key is compromised, we lose, no matter what we do.
I recommend that we create keys which will not expire before the next
release.
--
- mdz
Reply to: