* Martin Schulze: > I'd really love to see this feature properly implemented.
The only approach which is known to work is static keys for stable releases and stable security updates. The keys can be stored off-line or on-line, at the discretion of the respective teams. So far, we have botched all yearly key rollovers, and there is zero evidence that we'll get the first one that reallly matters right. Unfortunately, the key rollover approach is generally assumed to be required to achieve a decent level of security and strongly preferred over the alternatives. Needless to say, I very strongly disagree with that position. (IIRC, -release is not a discussion list, so details such be discussed elsewhere.) >From a release engineering view, the last possible date at which APT key material can be included in d-i would be interesting, I guess. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]