Julian - I hadn't realised there are two gpgv's! Having found apt's own /usr/lib/methods/gpgv
I have been able to create a shell wrapper that can feed it the expected request headers and parse the response headers to ensure a GPGVOutput: GOODSIG ... It's a proof of concept right now; if this approach is preferred then I'll tidy it up and publish. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1801762 Title: Dual-signed things should be easy to verify with one key To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1801762/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
