I have verified the authenticity of ubuntu-esm-v2-keyring.gpg by this method:
$ gpg --no-default-keyring --keyring ./keyrings/ubuntu-esm-v2-keyring.gpg --list-keys gpg: please do a --check-trustdb ./keyrings/ubuntu-esm-v2-keyring.gpg ------------------------------------ pub 4096R/4067E40313CB4B13 2019-04-17 uid Ubuntu Extended Security Maintenance Automatic Signing Key v2 <[email protected]> sub 4096R/349F0F98EF1B9BA3 2019-04-17 gpg --no-default-keyring --keyring ./keyrings/ubuntu-esm-v2-keyring.gpg --verify /var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_Release{.gpg,} gpg: Signature made Thu Apr 18 18:15:02 2019 UTC gpg: using RSA key 4067E40313CB4B13 gpg: please do a --check-trustdb gpg: Good signature from "Ubuntu Extended Security Maintenance Automatic Signing Key v2 <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 56F7 650A 24C9 E9EC F87C 4D8D 4067 E403 13CB 4B13 $ /var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty- security_Release{.gpg,} were downloaded by apt via https. The esm.ubuntu.com https endpoint is secured with a certificate issued by cn=Let's Encrypt Authority X3, a CA we have a high degree of confidence in (and is not issued by a random other CA that might have been compromised elsewhere). This is enough for now. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1825239 Title: Enable support for trusty ESM To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1825239/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
