[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

oldstable-security signing key


Ben Hutchings recently discovered that old lenny CDs (5.0.0) currently
fail to install.  Phil Kern discovered that this was because they
couldn't validate the security signing key (which was rolled over after
they were released).  Originally, lenny security updates were signed
with the old ftpmaster key:

sec   4096R/55BE302B 2009-01-27 [expires: 2012-12-31]
uid                  Debian Archive Automatic Signing Key (5.0/lenny) <ftpmaster@debian.org>

As this key is still valid and present in debian-archive-keyring (even
in unstable) and will be so until well after the end of lenny security
support (which as we understand it is due on 2012-02-06), we intend to
change the lenny security repository to be signed by this key rather
than the current ftpmaster key which is:

pub   4096R/473041FA 2010-08-27 [expires: 2018-03-05]
uid                  Debian Archive Automatic Signing Key (6.0/squeeze) <ftpmaster@debian.org>

If anyone has any objections to this, can they let us know?  I intend to
implement the changes necessary to make this work in dak immediately,
but won't change the key over for a couple of days to give people time
to raise objections.



Mark Hymers <mhy at debian dot org>

"Well, the thing about a black hole - it's main distinguishing feature - is
 it's black. And the thing about space, your basic space colour is black. So
 how are you supposed to see them?"
     Holly, Red Dwarf Series III - Marooned

Attachment: signature.asc
Description: Digital signature

Reply to: