[Touch-packages] [Bug 1752656] Re: Please SRU archive keyrings to older releases

2023-11-27 Thread Dimitri John Ledkov
SRU of debian keyring is also somehow counter productive. Most likely usecase is to debootstrap unstable chroot. And for that to be done correctly, often enough most recent debootstrap from debian is required as otherwise the debootstrap might not complete, or complete incorrectly (see all the

[Touch-packages] [Bug 1752656] Re: Please SRU archive keyrings to older releases

2019-07-08 Thread Colin Watson
Note that SRUing debian-archive-keyring to xenial and earlier is hard, because its keyring generation code relies on gpg features that were added after bionic, and avoiding those features would break reproducibility of the generated keyring files and invalidate the signatures by Debian release

[Touch-packages] [Bug 1752656] Re: Please SRU archive keyrings to older releases

2018-11-05 Thread Robie Basak
** Description changed: While not necessarily a critical issue for the Ubuntu keyrings, as Debian uses newer keys periodically, it becomes impossible with the default keyrings to verify the latest Debian archive files. It seems reasonable to ensure the keyring contents in all releases