-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi,
Am Mo den 31. Mai 2010 um 10:49 schrieb Neil Williams: > At the very least, the public key should be available on the server > itself and it should preferably be in an archive-keyring package in > Debian. Sure. And I plan to do so. But for the moment there is just that packages I told about. > gpgv: Signature made Sun 30 May 2010 19:01:45 BST using RSA key ID > D1A4EDE5 Correct. > > Where is that key available? > > I assume it's this one: > pub 2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <(E-Mail Removed)> > Fingerprint: D7 67 71 C4 99 A6 D4 FE EA 40 30 57 3C 88 26 2B See my signature, yes. > and subkeys.pgp.net didn't report having that key. Thats really strange. The key _is_ on this server so I do not know why you didn't find it. > I would question the safety / reliability of using a repository Thats always the case with additional repositories. And since APT do not show the source of a package in the default configuration makes this not better. > that forces the creation of Packages and Sources and Release files by > hand instead of using a reliable, reproducible tool like reprepro. Well, this method was grown since ages when reprepro was not available and I hadn't the time to migrate a working method to a /nice/ working method. > The site even includes the Makefile that shows the hacks used to make > the repository files. There is no reason to hide that, so, yes. Regards Klaus - -- Klaus Ethgen http://www.ethgen.de/ pub 2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <kl...@ethgen.de> Fingerprint: D7 67 71 C4 99 A6 D4 FE EA 40 30 57 3C 88 26 2B -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEVAwUBTAOiSJ+OKpjRpO3lAQpRJgf9Hb7adxPjd+JqtPWxMNzL1DWXvyxTV+Lq iqGaQ50+LsVoJH6DJgdt/vxAc/J4vLujrhnBqsrjdKwcquV66kJx8reZDeIxawBl 0K0z01W19CYTlHCykE8j0QIJSahbhGAyw02k2cFr9ToXCbWUv337Ao2FmmE8UQO/ /T8SVqc7Xc3LkUT4PapiXDg8iN5qo8r5T6YFD4JQKu50bFPqQx8Azc3Ri7PxupU0 pTh00oWhg3zbrboYP/vn53KafZXvkayR3bPfyZZBIrGXSJ361GSaqWIdnCoGJu6D Bq/z6Qn4shM+j/TPFBRS9eJr7SY5zuxzK1iCGs+gLeqdjaTO78NbQg== =nJO2 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100531114928.ge27...@ikki.ethgen.de