Bug#928313: apt-key check for revoked keys

To: submit@bugs.debian.org
Subject: Bug#928313: apt-key check for revoked keys
From: Kurt Roeckx <kurt@roeckx.be>
Date: Thu, 2 May 2019 00:17:24 +0200
Message-id: <[🔎] 20190501221724.GA6210@roeckx.be>
Reply-to: Kurt Roeckx <kurt@roeckx.be>, 928313@bugs.debian.org

Package: apt
Version: 1.8.0

I have this in my apt keyring:
/etc/apt/trusted.gpg
--------------------
pub   rsa4096 2015-06-11 [SC]
      C35E B17E 1EAE 708E 6603  A9B3 AD05 92FE 47F0 DF61
uid           [ unknown] matrix.org (Debian signing key) <packages@matrix.org>
sub   rsa4096 2015-06-11 [E]

But I know that that key has been revoked, and the revoked key is
in my keyring:
pub   rsa4096/AD0592FE47F0DF61 2015-06-11 [SC] [revoked: 2019-04-12]
      C35EB17E1EAE708E6603A9B3AD0592FE47F0DF61
uid                 [ revoked] matrix.org (Debian signing key) <packages@matrix.org>

But there doesn't seem to be any infrastructure to check that a
key is revoked other than manually updating it.


Kurt

Reply to:

Follow-Ups:
- Bug#928313: marked as done (apt-key check for revoked keys)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Next by Date: Bug#928313: marked as done (apt-key check for revoked keys)
Next by thread: Bug#928313: marked as done (apt-key check for revoked keys)
Index(es):
- Date
- Thread