On Sun, Mar 03, 2019 at 10:42:42AM -0400, David Bremner wrote: > Julian Andres Klode <jak@debian.org> writes: > > The Release.gpg must be ASCII armored, as documented in: […] > apt-key ("SUPPORTED KEYRING FILES") be updated? I'm not very happy with > the wiki as the primary/only documentation. The apt-secure manpage documents since the invention of this signature verification feature how the gpg calls should look to generate the Release.gpg – but the -a is argueably easy to miss. Might be a good moment to look into using "heavier" tools doing all the needed stuff instead of rolling your own and/or looking into InRelease which has other marginal benefits as well. See also #921685 for tracking proposes of me may or may not getting around to actually implement a dedicated message for this… (bad me). Best regards David Kalnischkies
Attachment:
signature.asc
Description: PGP signature