On Wed, 2007-03-14 at 23:08 +0000, Nick Boyce wrote: > [Just for completeness, and more to the point, but not wanting to flog a > dead horse]: I should have added, when you're on dial-up (yes .. some of > us still are) every 13Mb download is painful ... compared with the 2K > (say) that a separate release-signing key would take. I think you're looking at a keyring of all the debian developers (an outdated copy from 2005 it seems) that's not necessary to download. As you already have the keyid you can get the complete key from a keyserver using gpg or from any keyserver with a web interface: http://pgp.mit.edu:11371/pks/lookup?search=0x88C7C1F7&op=index&fingerprint=on I guess the FAQ should be updated. > Is this 13Mb keyring also needed by the new package-signature-checking > apt-get ? No, that's a much smaller package, only containing the key for the debian archive. http://packages.debian.org/unstable/misc/debian-archive-keyring -- Cheers, Sven Arvidsson http://www.whiz.se PGP Key ID 760BDD22
Attachment:
signature.asc
Description: This is a digitally signed message part