Re: apt ignoring check-valid-until flag

To: Ansgar <ansgar@43-1.org>, Daniel Kahn Gillmor <dkg@debian.org>
Cc: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>, Debian Development <debian-devel@lists.debian.org>, 763419@bugs.debian.org
Subject: Re: apt ignoring check-valid-until flag
From: Paul Wise <pabs@debian.org>
Date: Fri, 18 Dec 2020 01:15:38 +0000
Message-id: <[🔎] CAKTje6FF2q2P_7cvyNVovhsWUoOcG6pGnyeSjzgO0r7o+TwQ-w@mail.gmail.com>
In-reply-to: <[🔎] 24be3a28890f74de095f212aed9aa392d8914e1f.camel@43-1.org>
References: <[🔎] 6500327c-f66b-072e-d757-970f285281e0@physik.fu-berlin.de> <[🔎] CAKTje6EEDg+yn1vfeWxt4cQi-t+QxpNWQYADur797emC0xKP0A@mail.gmail.com> <[🔎] 20201216230307.sj7n4voj3sjq2wiz@function> <[🔎] 6cc8ba7cdcade4cfa41243ffa7a362e385338c13.camel@debian.org> <[🔎] d5b4d233-836e-bdc9-f809-246132119d3a@physik.fu-berlin.de> <[🔎] 24be3a28890f74de095f212aed9aa392d8914e1f.camel@43-1.org>

On Thu, Dec 17, 2020 at 10:03 AM Ansgar wrote:

>     (Bonus points if this keeps the original signature if possible.)

Two separate signatures is possible for Release+Release.gpg, just
rename the latter to .old, but what can you do for InRelease? Is it
possible to have multiple signatures in one blob of signing data? Is
it possible to take an existing signature and add a second one to it?
Can the same thing be done for Release.gpg? Do apt, gpg and gpgv cope
with this sort of thing?

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Reply to:

Follow-Ups:
- Re: apt ignoring check-valid-until flag
  - From: Calum McConnell <calumlikesapplepie@gmail.com>
- Re: apt ignoring check-valid-until flag
  - From: Ansgar <ansgar@43-1.org>

References:
- apt ignoring check-valid-until flag
  - From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
- Re: apt ignoring check-valid-until flag
  - From: Paul Wise <pabs@debian.org>
- Re: apt ignoring check-valid-until flag
  - From: Samuel Thibault <sthibault@debian.org>
- Re: apt ignoring check-valid-until flag
  - From: Paul Wise <pabs@debian.org>
- Re: apt ignoring check-valid-until flag
  - From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
- Re: apt ignoring check-valid-until flag
  - From: Ansgar <ansgar@43-1.org>

Prev by Date: Work-needing packages report for Dec 18, 2020
Next by Date: Re: apt ignoring check-valid-until flag
Previous by thread: Re: apt ignoring check-valid-until flag
Next by thread: Re: apt ignoring check-valid-until flag
Index(es):
- Date
- Thread