Thats a very good point Marc. I get the feeling the other approach (providing a signed version of the keyrigng or a signature file for it) is actually more robust and we should go with that.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/857472 Title: net-update verifcation checking insecure To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/857472/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
