Removed keys, which are no longer in use by the current series by have
been used by previous series are always shipped in the
/usr/share/keyrings/ubuntu-archive-removed-keys.gpg and similar, which
are not trusted by the new systems by default.
So I'm not sure what you are asking for
The easiest thing to do would be to just ship a keyring that had the
obsolete public signing keys. Then the consumer could hard code
that 'precise' was signed with keys A, B, C. and work stuff out like
that.
Alternatively possibly we might want to deliver some distro-info like
data.
** Description changed:
Currently, if an Ubuntu developer (or their code) is attempting to
interact with the precise archive (which is still supported in some form
via ESM) from a machine running bionic or later, they will run in to
issues verifying signatures, because the keys used to
3 matches
Mail list logo