[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Expired GPG keys of older release

That's a pity, don't you think so ? I think Debian should renew the archive key, so we can still verify packages signatures.

On June 19, 2018 8:33:21 PM GMT+02:00, john doe <johndoe65534@mail.com> wrote:
On 6/19/2018 9:22 AM, Adam Cecile wrote:

GPG key that signed the Squeeze repo is now expired. How should I handle
this properly ? Despite the key is expired, it use to be valid and I
don't like much the idea of going for [trusted=yes] for each impacted
sources.list entry.

Sadly, if the expiry date of the key is not extended there is little you
can do beyond insuring that the key in your keyring is up-to-date which
is normaly done automatically on Debian.

Googling this gives some things to try.

Sent from my Android device with K-9 Mail. Please excuse my brevity.
Reply to: