Sign with two keys then, and try to tell people. After a period of time you could disable the old key (ie no longer sign anything with it) - for anyone who still hasn't updated their configuration their system will still work, but instead of updates they would get errors. Then they would update their config.
(Note that all PPA packages are already available through TLS, eg https://launchpad.net/~fnu/+archive/ubuntu/main- fnu/+build/8797131/+files/cmake-qt-gui_2.8.12.2-3_amd64.deb but only for manual download. It is not used automatically by apt, so to be secure you have to identify and manually download a lot of packages. These can be found through the 'View package details' link at the top right on all PPA main pages) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1461834 Title: 1024-bit signing keys should be deprecated To manage notifications about this bug go to: https://bugs.launchpad.net/launchpad/+bug/1461834/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
