Package: debian-cd

There is no gpg signature for the SHA256SUM file. So there is no way to verify that the images originate from Debian.
Via http:// do: debian.org -> Getting Debian -> Download an installation image -> Tiny CDs, flexible USB sticks, etc. -> amd64 -> http://ftp.nl.debian.org/debian/dists/stretch/main/installer-amd64/current/images/