Removal of apt-key is tracked in bug 2004505
I wrote a new sopv backend for apt yesterday as a PoC that doesn't rely
on apt-key to merge together keyring files to run gpgv, but instead runs
sopv once for each keyring the repository is configured to trust.
The classic gpgv backend I believe can wo
no, you still have backdoors to do things wrong.
Remove unconditionally apt-key and make half of world to do things right!
** Changed in: apt (Ubuntu)
Status: Invalid => New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed
APT is switching away from a global gpg keyring to configuring a key
file per repository using the Signed-by option. These keys should
preferably be places inside the sources file itself (embedded) or the
option should reference a file, the canonical directories of which are
/usr/share/keyrings or
3 matches
Mail list logo
