On Sat, Jan 07, 2006 at 09:14:50PM +1100, Paul TBBle Hampson wrote: > We're already doing security rX updates to Sarge anyway, surely we just > need to synchronise the key rollover with those releases? And maybe an > rX release if the current archive key becomes compromised? This is inconsistent with Debian's past policies wrt stable releases, namely, that it should be possible for a user to skip all point releases and security updates (at the peril of their system's security...) and still be able to upgrade when a new stable release comes out. This is necessary if we're to accomodate the many Debian deployments which don't have a reliable network connection and are only updated when a new stable release is published. Please keep this use case in mind while designing solutions for the apt key update problem. Cheers, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. vorlon@debian.org http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature