Re: Signature of wheezy's linux source package

To: debian-user@lists.debian.org
Subject: Re: Signature of wheezy's linux source package
From: Don Armstrong <don@debian.org>
Date: Thu, 12 Jun 2014 12:39:32 -0700
Message-id: <[🔎] 20140612193932.GI9707@teltox.donarmstrong.com>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 201406121832.16796.grossmms@googlemail.com>
References: <[🔎] 201406121832.16796.grossmms@googlemail.com>

On Thu, 12 Jun 2014, Matthias Großmann wrote:
> after downloading the most recent linux source package for wheezy
> on my wheezy system, I noticed that dpkg-source fails to verify its 
> signature:

[...]

> I would expect everything required to verify packages in wheezy to be
> included in wheezy, so I guess this is a bug. Or am I missing something?

The keyring in stable is almost never updated, while the keys that are
used by developers to sign packages are often updated in the time
between the freezing of stable and now.

You can either download the newest version of the keyring, or you can
use keyring.debian.org.

-- 
Don Armstrong                      http://www.donarmstrong.com

Given that the odds of a miracle are one in one million, and events
which could be a miracle happen every second, the odds of not seeing a
miracle in a month are less than 8 in 100. Clearly miracles are not
all that miraculous.

Reply to:

Follow-Ups:
- Re: Signature of wheezy's linux source package
  - From: Simon Hollenbach <ionpowered@gmail.com>

References:
- Signature of wheezy's linux source package
  - From: Matthias Großmann <grossmms@googlemail.com>

Prev by Date: Re: [0.5 OT] How to grab some entry by command line
Next by Date: Iceweasel problem
Previous by thread: Signature of wheezy's linux source package
Next by thread: Re: Signature of wheezy's linux source package
Index(es):
- Date
- Thread