Re: expired signatures again?

To: deity@lists.debian.org
Cc: Harald Dunkel <harald.dunkel@t-online.de>
Subject: Re: expired signatures again?
From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
Date: Mon, 18 Jul 2005 09:43:53 +0200
Message-id: <[🔎] 87hdespnie.fsf@informatik.uni-tuebingen.de>

Harald Dunkel <harald.dunkel@t-online.de> wrote:
> Currently I get an error message about http.us.debian.org
> saying:
>
> # apt-get update
> :
> :
> Reading package lists... Done
> W: GPG error: http://http.us.debian.org unstable Release: The following signatures were invalid: BADSIG F1D53D8C4F368D5D Debian Archive Automatic Signing Key (2005) <ftpmaster@debian.org>
> W: You may want to run apt-get update to correct these problems
>
>
> There is no such error message for using ftp.de.debian.org.
> Anyway, 'apt-key list' says that F1D53D8C4F368D5D expires on
> 2006-01-31, so why does apt complain?
>
>
> Regards
>
> Harri

apt-get is actualy fully correct in complaining. The
http.us.debian.org archive was broken and the Release.gpg, Release and
Packages files did not match up. I didn't check closely but it looked
like the Release file for etch and sid weren't mirrored for some
reason breaking both the gpg signature and the Packages md5sum.

ftp.de.debian.org was down that morning so I noticed ftp.debian.org
(my fallback) being broken. But other mirrors were fine and
ftp.de.debian.org (once it came back) aparently too.

MfG
        Goswin

Reply to:

Prev by Date: Re: Final Notification
Next by Date: Bug#318781: (no subject)
Previous by thread: expired signatures again?
Next by thread: Типография: Специальное предложение, Лада
Index(es):
- Date
- Thread