also sprach Thijs Kinkhorst <thijs@debian.org> [2008.08.05.0941 -0300]: > While it is desirable to implement key expiry, and I hope that the > APT team will do so, I do have doubts whether this sould be > critical for the release of Debian Lenny. Can you provide > a scenario that illustrates the criticality of this issue? No, it just casts a rather bad light on the implementation of signature checking in APT. -- .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems on the other hand, you have different fingers.
Attachment:
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)