Hi all,
With apologies if this is a FAQ: why do the ISC BIND packages for Ubuntu,
linked from https://kb.isc.org/docs/isc-packages-for-bind-9 and published at
https://launchpad.net/~isc/+archive/ubuntu/bind, depend on
debsuryorg-archive-keyring? That package makes Apt trust a key for an
entirely different Apt repository, not used (as far as I can tell) by the
Launchpad PPA at all. (Also it installs the key into
/etc/apt/trusted.gpg.d, which is considered insecure and deprecated [1].)
$ apt-key list
(...)
/etc/apt/trusted.gpg.d/debsuryorg-archive.gpg
---------------------------------------------
pub rsa3072 2019-03-18 [SC] [expires: 2026-02-04]
1505 8500 A023 5D97 F5D1 0063 B188 E2B6 95BD 4743
uid [ unknown] DEB.SURY.ORG Automatic Signing Key <d...@sury.org>
sub rsa3072 2019-03-18 [E] [expires: 2026-02-04]
(...)
(Or should I treat deb.sury.org, rather than the Launchpad PPA, as the
official repository for these packages?)
Malcolm
[1] https://salsa.debian.org/apt-team/apt/-/raw/2.9.24/debian/NEWS
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
