Bug#480478: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
Robert Millan wrote:
> On Sat, Jun 21, 2008 at 03:52:12PM +0200, Alexander Wirt wrote:
>> I'm still not that sure if its a good idea to add a non-offical debian repo
>> keyring into the archive... But I let the decision to the ftp-masters..
>
> Well, currently a problem is the only way to get a trusted path to the bpo
> repository is by fetching debian-backports-keyring from it, checking your
> signature in its .dsc, etc. So this is what I'm trying to solve.
Hmm, are there not 2 other ways documented on backports.org as you can
see below?
Cheers
Luk
--------------------------
If you are using etch and you want apt to verify the downloaded
backports you can import backports.org archive’s key into apt:
apt-get install debian-backports-keyring
or
gpg --keyserver hkp://subkeys.pgp.net --recv-keys 16BA136C
gpg --export | apt-key add -
or
wget -O - http://backports.org/debian/archive.key | apt-key add -
--------------------------
Reply to: