Hi, On Thu, Jan 19, 2023 at 01:00:29PM -0400, Stefano Rivera wrote: > > On Fri, 03 Sep 2021 15:16:54 +0200 Johannes Schauer Marin Rodrigues > > <jo...@debian.org> wrote: > > > please consider storing a mapping from distro to keyring in > > > /usr/share/keyring. Currently there is no reliable way to retrieve the > > > authoritative keyring for a given distro name. Even when limiting > > > oneself to only Debian, it is not obvious for which suites one needs > > > /usr/share/keyrings/debian-archive-keyring.gpg and for which one needs > > > /usr/share/keyrings/debian-archive-removed-keys.gpg. > > > > I am not sure whether distro-info-data is the right place for it. Are > > there rules when keys move from debian-archive-keyring.gpg to debian- > > archive-removed-keys.gpg? Shouldn't that information better be shipped > > by debian-archive-keyring? > > Can someone from the release team answer how this works?
Keys move to the removed keyring when they are no longer needed for bootstrapping supported or LTS releases (currently, stretch onwards). That's why there are typically three or four current keys depending on the phase of the release cycle. -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
