On 2014-09-21 20:04, Elmar Stellnberger wrote: > A package with some new signatures added is no more the old package. > It should have a different checksum and be made available again for update. > Perhaps someone wants to install the package not before certain signatures > have been added.
If a package would change by adding another signature, then this would invalidate previous signatures. Exactly because of your use case (waiting for a number of signatures or waiting for a specific signature before installation) the signature must be separated from the actual package. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140921182918.GA27550@fama
