On Sat, 2022-10-29 at 09:23 +0200, Salvatore Bonaccorso wrote: > > No unfortunately we cannot do that. The reason is similar to what > lead > to > https://salsa.debian.org/kernel-team/linux/-/commit/248736d493fcfd0e05cd23f97befe40f5c125c71 > or caused bugs like #916927.
Forgive me my ignorance, but from the package's file list I'd assume that the signatures are included in the kernel image respectively the module files themselves? Is that a must, or could they be standalone signatures? Cause if the latter, wouldn't something like the following be possible: - have only one package that actually contains the kernel and modules (and that would be available earlier) - have that depend on a separate package that ships the standalone signatures That would have the benefit that there are no "duplicate" packages, and people could create a dummy for the signature package with e.g. equivs. > The signed packages need always longer as this needs action of > signing > them trough a seprate manual process of ftp-masters. Sure, clear. Best wishes, Chris.