Bug#318630: apt-get: Please add [TRUSTED] vendor support

To: 318630@bugs.debian.org
Subject: Bug#318630: apt-get: Please add [TRUSTED] vendor support
From: Daniel Hartwig <mandyke@gmail.com>
Date: Sat, 20 Apr 2013 13:21:53 +0800
Message-id: <[🔎] 87vc7h3hfy.fsf@gmail.com>
Reply-to: Daniel Hartwig <mandyke@gmail.com>, 318630@bugs.debian.org

Control: tags -1 - patch

The basic support for [trusted=yes] is in since 0.8.16~exp3.  So
repurposing this bug report to enhance this feature along the lines of
the more recent messages (i.e. #62 onwards).  The supplied patches
no longer apply.

Goswin von Brederlow <goswin-v-b@web.de> wrote:
> Any objections to the proposed design for this feature?
>
> - deb [key=0x1AB52325534,0x3475BDF478] ...
>   Only accept signatures by one of the listed fingerprints
>
> - deb [keyring=foobar.gpg] ...
>   Use foobar.gpg to verify the signatures and only foobar.gpg.
>
> deb [trust=always|never] ....
>   Ignore the Release signature and just always or never trust the
>   source. "always" would be for file:// or sources on the local
>   network where you don't care if it is unsigned. "never" would be for
>   repositories you want to always be asked before they are used and
>   which should not replace packages from more trusted repositories.

Reply to:

Prev by Date: Processed: retitle 318630
Next by Date: Processed: Re: Bug#318630: apt-get: Please add [TRUSTED] vendor support
Previous by thread: Processed: retitle 318630
Next by thread: Processed: Re: Bug#318630: apt-get: Please add [TRUSTED] vendor support
Index(es):
- Date
- Thread