** Also affects: software-properties (Ubuntu)
Importance: Undecided
Status: New
** Changed in: software-properties (Ubuntu)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to software-properties in
Ubuntu.
https://bugs.launchpad.net/bugs/1667725
Title:
[feature request] make full ppa signing public key available over
https
Status in Launchpad itself:
Fix Released
Status in software-properties package in Ubuntu:
In Progress
Bug description:
Currently, for a ppa, launchpad makes the long key fingerprint
available over https. I'd like to request that it also make the full
public key available over https.
Many people use add-apt-repository extensively for using ppas ('add-
apt-repository -y smoser/archive')
As I understand it, that basically does:
a. request the 'archive urls', 'description' and long key fingerprint over
https from launchpad.net
b. does gpg --recv <long-key-fingerprint> from
hkp://keyserver.ubuntu.com:80/ (or the --keyserver argument)
c. adds the result of 'b' to apt using 'apt-key'
Since launchpad is the owner of the signing key for the ppa, why not
have it just give us the full public key over the same api that it
provides the other bits of information?
My experience is that gpg servers are less reliable than we'd like,
and even if they were as reliable as launchpad, any use of a ppa now
effectively depends on 2 external systems when 1 could suffice.
To manage notifications about this bug go to:
https://bugs.launchpad.net/launchpad/+bug/1667725/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
