[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: APT public key updates?

On Thu, Jan 05, 2006 at 04:32:29PM -0800, Matt Zimmerman wrote:
> On Fri, Jan 06, 2006 at 01:22:50AM +0100, Petter Reinholdtsen wrote:
> > [Michael Vogt]
> > > Sorry for the delay. I'm preparing a new upload that adds the 2006
> > > archive key to the default keyring. 
> > 
> > Sounds good.  Will this automatically take care of the key update and
> > make sure no manual intervention is needed to get packages upgraded?
> > 
> > Isn't Ubuntu using the signed apt stuff?  How are they handling the
> > new archive keys?
> 
> Ubuntu's apt package ships only the Ubuntu archive keyring, not the Debian
> archive keyring, so no update is needed when Debian keys change.

That doesn't mean we (Ubuntu) have solved the problem of how to rotate
*our* keys in the event of a key compromise. (To my knowledge, we
haven't.)

-- 
Colin Watson                                       [cjwatson@debian.org]
Reply to: