Hi, 2018年8月23日(木) 22:01 Sean Whitton <spwhit...@spwhitton.name>: > > > However, we shouldn't start shipping random key material for various > > other places that just happen to offer their software in a format that > > is consumable by apt. > > Providing the keyrings just as data, and not automatically adding them > as trusted by apt, might be useful for bootstrapping trust paths, > however.
As far as I know, in most cases, keyrings are added automatically. (not just as data) I thought that it is common sense in Debian, but it is better to ask users explicitly during install process (dconf?) if package will put keyring under /etc/apt/trusted.gpg.d/. debian-ports-archive-keyring-2018.01.05 * install keyring to /usr/share/keyrings and /etc/apt/trusted.gpg.d directly emdebian-archive-keyring-2.2 * install keyring to /etc/apt/trusted.gpg.d directly leap-archive-keyring-2017.11.24 * install keyring to /usr/share/keyrings and /etc/apt/trusted.gpg.d directly neurodebian-0.37.6/ * install keyring to /etc/apt/trusted.gpg.d directly pkg-mozilla-archive-keyring-1.2/ * install keyring to /etc/apt/trusted.gpg.d directly ubuntu-keyring-2016.05.13/debian/install * install keyrings to /usr/share/keyrings * symlink from /etc/trusted.gpg.d during postinst Regards, -- Kentaro Hayashi <ken...@gmail.com>
