Re: a rhetorical question in re. my adventures with wicd

To: debian-user@lists.debian.org
Subject: Re: a rhetorical question in re. my adventures with wicd
From: Johannes Wiedersich <johannes@physik.blm.tu-muenchen.de>
Date: Thu, 06 Aug 2009 21:22:04 +0200
Message-id: <[🔎] 4A7B2D5C.1020907@physik.blm.tu-muenchen.de>
In-reply-to: <[🔎] 20090806155122.GA32358@big.lan.gnu>
References: <[🔎] 20090806155122.GA32358@big.lan.gnu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Paul E Condon wrote:
> Why is the package debian-backports-keyring not available in the
> debian stable repository? in the contrib section perhaps, but
> somewhere that is a verifiable secure repository at the time 
> that a user needs to install it ????

I don't know why it is available, but there are alternative ways to
verify that archive apart from the debian-backports-keyring package [1]

If you download the key with

gpg --keyserver hkp://subkeys.pgp.net --recv-keys 16BA136C

you will see that it is signed by Jörg Jaspert (aka Joerg Jaspert). You
could verify the authenticy of his signature by comparing it to Jörg's
public key in /usr/share/keyrings/debian-keyring.gpg, ie. the official
debian-keyring package that is already installed on your computer.

That fingerprint can be viewed by

$gpg --list-keys --fingerprint \
/usr/share/keyrings/debian-maintainers.gpg joerg@debian

Cheers,
Johannes

[1] http://www.backports.org/dokuwiki/doku.php?id=instructions

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkp7LVwACgkQC1NzPRl9qEXIPQCdG0FFq1MvzPP6xShj7vU85HEV
mpUAn1Vwrb/uHYU+AuXdne9itYz+NSgN
=52Xo
-----END PGP SIGNATURE-----

Reply to:

References:
- a rhetorical question in re. my adventures with wicd
  - From: Paul E Condon <pecondon@mesanetworks.net>

Prev by Date: Re: wi-fi security?
Next by Date: Re: crc32 sum
Previous by thread: Re: a rhetorical question in re. my adventures with wicd
Next by thread: crc32 sum
Index(es):
- Date
- Thread