After updating debian-archive-keyring to the 2018.1 version, then remove those wheezy obsolete keys, debian-security for testing can not be verified.
And I further check other debian-security updates/InRelease files, and found that: 1. wheezy signed with debian-archive-jessie-security-automatic.gpg debian-archive-wheezy-automatic.gpg 2. jessie signed with debian-archive-jessie-security-automatic.gpg debian-archive-wheezy-automatic.gpg 3. stretch signed with debian-archive-jessie-security-automatic.gpg debian-archive-wheezy-automatic.gpg ==> shouldn't be stretch one ? 4. buster signed with debian-archive-wheezy-automatic.gpg ==> shouldn't be stretch one? 5. testing signed with debian-archive-wheezy-automatic.gpg ==> shouldn't be stretch one? So if we remove wheezy keys, buster user will get errors when they try to update their debian-security repo.
