
Bug#1103625: modernize-sources: use .pgp file extension for debian-archive-keyring



Hi!

[ I discussed this with Julian on IRC some time ago, but forgot to
  forward that here, doing that now, and this report was used as a
  reference somewhere else, so better to clarify things here. ]

On Sat, 2025-04-19 at 21:02:47 +0200, Julian Andres Klode wrote:
> On April 19, 2025 8:30:19 PM GMT+02:00, "Christian T. Steigies" <cts@debian.org> wrote:
> >Package: apt
> >Version: 3.0.0
> >Severity: wishlist

> >an upgrade offered to modernize my sources, so I did.
> >Just seconds before I saw the message from the upgraded
> >debian-archive-keyring:
> >  Certificate (keyring) files in /usr/share/keyrings now have the
> >  file extension .pgp, rather than .gpg.
> >Shouldn't a just modernized source use the new file extension as well?

> So the .pgp extension is reserved for PGP messages, not keys.
> 
> This needs to be resolved by the IETF WG, and the change in the
> keyring package was premature.
> 
> The only file extension for keys is .asc for armored ones.

I think that to keep using .gpg is worse, because I don't think there's
even a MIME type for .gpg? At least none that I could see in the
/etc/mime.types anyway. For example file --mime-types returns the correct
thing anyway.

My take is that the MIME definition is not exhaustive, so I don't see a
conflict if it's "missing types". And my perception is that MIME types
get registered after demonstrated usage?

Julian asked if file did application/pgp-keys for .pgp keys, and this
was my reply:

  $ file --mime-type /usr/share/keyrings/debian-archive-trixie-automatic.pgp
  /usr/share/keyrings/debian-archive-trixie-automatic.pgp: application/pgp-keys

It just checks the contents, the same with a .gpg one for example:

  $ file --mime-type /usr/share/keyrings/debian-maintainers.gpg
  /usr/share/keyrings/debian-maintainers.gpg: application/pgp-keys

So I don't see much of a problem here, and I think it would be best if we
could move away from this naming pattern, as that entrenches GnuPG usage
as a synonym for OpenPGP which seems rather unfortunate.

And for example for the apt modernize stuff I think it would be great if
it could check whether the current pathname referred is a symlink and
then use that (or perhaps if the symlink target is named .pgp if you want
to be more specific).

Julian then replied that the code could be made to just look for a
.pgp first.

Thanks,
Guillem
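
Added example, not part of the original message and not apt's code: one way the path selection suggested above could work, using the symlink target when it is named .pgp and otherwise looking for a .pgp sibling first. The helper name `prefer_pgp_keyring` and the demo file names are hypothetical, and GNU `readlink -f` is assumed.

```shell
#!/bin/sh
# Pick the keyring path to reference when rewriting a sources entry.
# prefer_pgp_keyring is a hypothetical helper, not a function from apt.
prefer_pgp_keyring() {
    path=$1

    # Case 1: the referenced path is a symlink; use its target if the
    # target exists and is named *.pgp.
    if [ -L "$path" ]; then
        target=$(readlink -f -- "$path") || target=
        case $target in
            *.pgp)
                if [ -f "$target" ]; then
                    printf '%s\n' "$target"
                    return 0
                fi
                ;;
        esac
    fi

    # Case 2: a *.gpg path with an existing *.pgp sibling; prefer the sibling.
    case $path in
        *.gpg)
            candidate=${path%.gpg}.pgp
            if [ -f "$candidate" ]; then
                printf '%s\n' "$candidate"
                return 0
            fi
            ;;
    esac

    # Fallback: keep the path exactly as it was referenced.
    printf '%s\n' "$path"
}

# Constructed demo layout: a .pgp file plus a legacy .gpg symlink to it.
demo=$(mktemp -d)
: > "$demo/example-archive.pgp"
ln -s example-archive.pgp "$demo/example-archive.gpg"
prefer_pgp_keyring "$demo/example-archive.gpg"   # prints the .pgp path
rm -rf "$demo"
```

A dangling symlink or a .gpg file with no .pgp counterpart is returned unchanged, so an existing working reference is never replaced by a path that does not exist.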

