APT does not care about those keys. dpkg verifies them while unpacking and gpgv here just prints a short key id instead of a fingerprint (long id is broken as well).
The only thing we could do is disable the gpg signature check in dpkg- source when APT calls it for a secure package (that is, pass --no-check to dpkg-source). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1649097 Title: any source package signature is not valid To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1649097/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
