Bug#345823: apt: Key error at year turnover resembles security problem, and may represent one

On Wed, Jan 04, 2006 at 01:26:26PM +0100, Jeroen van Wolffelaar wrote: On Wed, Jan 04, 2006 at 02:41:30AM -0800, Joshua Rodman wrote: On Wed, Jan 04, 2006 at 03:01:35AM +0100, Jeroen van Wolffelaar wrote: Fwiw, the Release.gpg file contains two signatures now, both one with the 2005 key

Bug#345823: apt: Key error at year turnover resembles security problem, and may represent one

I use aptitude and I'm sure I don't know all the ins and outs here. But I do have a suggestion for your consideration: Stop signing the archives with the 2006 key for now. That will allow those who have been using the 2005 key to continue getting updates. After you have your fixes in

Bug#345823: apt: Key error at year turnover resembles security problem, and may represent one

On Wed, Jan 04, 2006 at 03:01:35AM +0100, Jeroen van Wolffelaar wrote: Fwiw, the Release.gpg file contains two signatures now, both one with the 2005 key and the 2006 key, to have a short transition period. The archive still validates with the 2005 key, which isn't expired yet, and I think APT

Bug#345823: apt: Key error at year turnover resembles security problem, and may represent one

I came across the same error this morning. The part that was rather frustrating is that I had no idea where to find the new key. Only by returning to the bug report (where Joey H provided a link) was I able to find it. http://ftp-master.debian.org/ziyi_key_2006.asc Most users do not think to

Bug#316344: Bug#345823: apt: Key error at year turnover resembles security problem, and may represent one

Am Mittwoch, den 04.01.2006, 03:47 -0800 schrieb Edward Buck: xpost to #345823 and #316344 [..] I tried to download the new key from the above key server using the key id and found none. Also, 'apt-key update' gives one the impression that the problem is easily fixable but it leads to

Bug#345823: apt: Key error at year turnover resembles security problem, and may represent one

On Wed, Jan 04, 2006 at 02:41:30AM -0800, Joshua Rodman wrote: On Wed, Jan 04, 2006 at 03:01:35AM +0100, Jeroen van Wolffelaar wrote: Fwiw, the Release.gpg file contains two signatures now, both one with the 2005 key and the 2006 key, to have a short transition period. The archive still

Bug#345823: apt: Key error at year turnover resembles security problem, and may represent one

Package: apt Version: 0.6.43 Severity: normal Since the year has turned over, apt-get update now produces the error: [...] Reading package lists... Done W: GPG error: http://http.us.debian.org testing Release: The following signatures couldn't be verified because the public key is not

Bug#345823: apt: Key error at year turnover resembles security problem, and may represent one

On Tue, Jan 03, 2006 at 10:58:28AM -0800, Joshua Rodman wrote: Since the year has turned over, apt-get update now produces the error: [...] Reading package lists... Done W: GPG error: http://http.us.debian.org testing Release: The following signatures couldn't be verified because the public