Thanks @jxself, good explanation.
Is there a standard procedure for reporting the fact that the package downloaded by `apt-get source linux` (linux_3.13.0-77.121+7.0trisquel2) is signed with a key (0x92D284CF33C66596) for which no public cert appears to be available?
