On Sun, Mar 03, 2019 at 10:42:42AM -0400, David Bremner wrote:
> Julian Andres Klode <jak@debian.org> writes:
> > The Release.gpg must be ASCII armored, as documented in:
[…]
> apt-key ("SUPPORTED KEYRING FILES") be updated? I'm not very happy with
> the wiki as the primary/only documentation.
The apt-secure manpage documents since the invention of this signature
verification feature how the gpg calls should look to generate the
Release.gpg – but the -a is argueably easy to miss.
Might be a good moment to look into using "heavier" tools doing all the
needed stuff instead of rolling your own and/or looking into InRelease
which has other marginal benefits as well.
See also #921685 for tracking proposes of me may or may not getting
around to actually implement a dedicated message for this… (bad me).
Best regards
David Kalnischkies
Attachment:
signature.asc
Description: PGP signature