Package: multistrap Version: 2.2.1 Severity: normal Currently, when multistrap is run inside fakeroot, apt is run with Apt::Get::AllowUnauthenticated=true. This is because retrieving the keys is done by "sudo apt-get install debian-archive-keyring". This could easily be replaced by a root-less "apt-get download debian-archive-keyring" and would at the same time then also avoid having to install packages on the host system.
