Bug#203741: Signature verification status

[Matt Zimmerman <mdz@debian.org>]

Given that:

1. I feel it is important that we have an updated apt in sarge, with or
without signature verification.  There have been many important fixes.

2. apt in sarge is currently still at 0.5.4 from woody

3. gcc-3.3 is still blocking a new apt from entering sarge

4. I think it would be a grave error to introduce this level of potential
breakage at this point in the release schedule

I am afraid that these changes may not make it into sarge.  If the release
is delayed for other reasons, it may become possible, but I would rather
release in December without signature checking than in March with it.  I'm
open to input from release-type folks about this, and so CCing
debian-release.

There still remain these outstanding issues, as well:

- What to do about notifying the user about insecure sources

  - A perpetual warning when any insecure source is present will numb the
    user to such warnings

  - An error would prevent users from taking advantage of unofficial sources

  Isaac suggested a configuration option to reject insecure sources, and I
  think that is probably a good compromise.  What should this configuration
  option be called?  Acquire::Require-Signed?

- Tools for generating Release files and signatures

-- 
 - mdz