[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#763419: apt ignoring check-valid-until flag

On Thu, Dec 17, 2020 at 10:03 AM Ansgar wrote:

>     (Bonus points if this keeps the original signature if possible.)

Two separate signatures is possible for Release+Release.gpg, just
rename the latter to .old, but what can you do for InRelease? Is it
possible to have multiple signatures in one blob of signing data? Is
it possible to take an existing signature and add a second one to it?
Can the same thing be done for Release.gpg? Do apt, gpg and gpgv cope
with this sort of thing?



Reply to: