Re: apt ignoring check-valid-until flag

To: Paul Wise <pabs@debian.org>
Cc: Debian Development <debian-devel@lists.debian.org>
Subject: Re: apt ignoring check-valid-until flag
From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Date: Thu, 17 Dec 2020 00:07:47 +0100
Message-id: <[🔎] 5dd79a51-887f-15f6-510d-aba9b876e3f7@physik.fu-berlin.de>
In-reply-to: <[🔎] CAKTje6EEDg+yn1vfeWxt4cQi-t+QxpNWQYADur797emC0xKP0A@mail.gmail.com>
References: <[🔎] 6500327c-f66b-072e-d757-970f285281e0@physik.fu-berlin.de> <[🔎] CAKTje6EEDg+yn1vfeWxt4cQi-t+QxpNWQYADur797emC0xKP0A@mail.gmail.com>

On 12/16/20 11:53 PM, Paul Wise wrote:
> It seems to be saying that the 2019 ports archive signing key used for
> signing the snapshot URLs is expired, I don't think check-valid-until
> ignores key expiry.

Ah, the "check-valid-until" is for the signature of the Release file, but
not for the signing key of the archive. That explains it.

We should probably extend the instructions on snapshot.debian.org [1] to
include that information.

Adrian

> [1] http://snapshot.debian.org/

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaubitz@debian.org
`. `'   Freie Universitaet Berlin - glaubitz@physik.fu-berlin.de
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Reply to:

References:
- apt ignoring check-valid-until flag
  - From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
- Re: apt ignoring check-valid-until flag
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Re: apt ignoring check-valid-until flag
Next by Date: Re: apt ignoring check-valid-until flag
Previous by thread: Re: apt ignoring check-valid-until flag
Next by thread: Re: apt ignoring check-valid-until flag
Index(es):
- Date
- Thread