[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: APT public key updates?

* Bernd Eckenfels:

>> IOW using the old key to sign the new key only requires that the old
>> key be "good" at one point during the new year, whereas continuing to
>> use the old key requires that it be "good" all year.
> Yes, but it breaks a long term usage like web of trust.

The Debian archive key does not take part in the web of trust.
Anybody who has passed the OpenPGP NM checks should not sign that key.

Reply to: