package: apt severity: wishlist x-debbugs-cc: t.gla...@tarent.de, debian-backpo...@lists.debian.org
On Fri, Jun 08, 2018 at 05:27:21PM +0200, Thorsten Glaser wrote:
> > /etc/apt/apt.conf.d/01local:
> > Acquire::Check-Valid-Until false;
>
> this will unfortunately not be enough in the long term,
> as the PGP signatures will expire (rather, the keys).
>
> I wish there were an APT option to say, per repository,
> “this is archived, check the signature as if it were
> the yyyy-mm-dd today, then pin it and error out if it
> changes”.
Oh yes, I wish that option would exist as well!
--
cheers,
Holger
signature.asc
Description: PGP signature
