Project

Profile

Help

Maintenance. Planio will be undergoing a scheduled maintenance this weekend. Between Saturday, July 24 at 9:00 UTC and Sunday, July 25, 22:00 UTC your account might observe occasional downtimes which may last up to several minutes in some cases.

Task #8953

We need to support new style APT repo signatures

Added by quba42 about 1 month ago. Updated about 1 month ago.

Status:
NEW
Priority:
High
Assignee:
-
Sprint/Milestone:
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Target Release - Debian:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

See the following specification: https://wiki.debian.org/Teams/Apt/Spec/AptSign

See the following excerpt from IRC:

Conan Kudo
quba42: judging by what's going on, I expect this to launch in Debian 11
it definitely will be part of Ubuntu 22.04
I'm also having a conversation with the RPM folks about whether we might want to consider this for the RPM ecosystem in the future too
because not having an independent implementation from OpenBSD's signify was the main problem for me
now that two exist now (one in C++ and another in Python), I think this is something worth pursuing in the RPM ecosystem
Conan Kudo
quba42: my understanding is that Debian 11 and Ubuntu 22.04 will have both, but immediately afterward GPG will be dropped
quba42: apt-key(8) has already been marked for removal after Debian 11 release
(which is where the gpg key management is in apt)
https://www.mankier.com/8/apt-key
I guess this means I'm packaging up the new python-aptsign package for Fedora...
which means packaging python-apt too

Thanks Conan Kudo, for alerting me to this!

History

#1 Updated by quba42 about 1 month ago

We need to support both upstream signature verification using the new format, as well as signing published repos. The latter may be as simple as providing an updated example signing script.

Please register to edit this issue

Also available in: Atom PDF