Hi, while I'm actually in favor of adding this package because it makes it a lot easier to obtain a trustpath to the backports.org repo, which is important to our users, it's not true that there isnt a documented trusted path to install the key. It's documented here: http://wiki.debian.org/DebianEdu/Documentation/Etch/HowTo/Administration#head-136bb7e75e07e8b6463e6b30761ac51776c5c27d # add backports.org repo to /etc/apt/sources.list echo "deb http://www.backports.org/debian etch-backports main contrib non-free" >> /etc/apt/sources.list # install the debian-keyring securily: aptitude install debian-keyring # fetch the backports.org key insecurily: gpg --keyserver pgpkeys.pca.dfn.de --recv-keys 16BA136C # check securily if the key is correct and add it to root's keyring if it is: gpg --keyring /usr/share/keyrings/debian-keyring.gpg --check-sigs 16BA136C && gpg --export 16BA136C | apt-key add - # update the list of available packages: aptitude update But it's really quite complicated and a lot to type :) So I would definitly prefer a package, optionally with a low-priority debconf question (for preseeding mostly) to also edit to sources.list :-) regards, Holger
Attachment:
pgpGLfG93fToS.pgp
Description: PGP signature