Re: Secure APT Key Management
Martin Schulze <firstname.lastname@example.org> writes:
> According to the last release update the key management issue for
> Secure APT is not yet resolved.
> Are there chances to get key management settled down before the
> release? It would really be a shame if we couldn't get this done and
> provide the user with a proper infrastructure.
> This requires collaboration between ftpmaster, release team and apt
> developers, I guess. Is there a place where the relevant issues are
> discussed so that a decision can be made and a solution can be
> implemented *in time*?
> I'd really love to see this feature properly implemented.
I twice requsted that ftp-master puts the key for Release/Release.gpg
as Release.key[ring] next to each file to have a standardized place
where keys for any apt-getable archive can be found.
If you can get ftp-master to put the key in that place then I'm
willing to patch apt to use it for key updates with enough checking
and interactivity to make it save.