Actions
Task #8953
closed
We need to support new style APT repo signatures
Start date:
Due date:
% Done:
0%
Estimated time:
Platform Release:
Target Release - Debian:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:
Description
Ticket moved to GitHub: "pulp/pulp_deb/412":https://github.com/pulp/pulp_deb/issues/412
See the following specification: https://wiki.debian.org/Teams/Apt/Spec/AptSign
See the following excerpt from IRC:
Conan Kudo
quba42: judging by what's going on, I expect this to launch in Debian 11
it definitely will be part of Ubuntu 22.04
I'm also having a conversation with the RPM folks about whether we might want to consider this for the RPM ecosystem in the future too
because not having an independent implementation from OpenBSD's signify was the main problem for me
now that two exist now (one in C++ and another in Python), I think this is something worth pursuing in the RPM ecosystem
Conan Kudo
quba42: my understanding is that Debian 11 and Ubuntu 22.04 will have both, but immediately afterward GPG will be dropped
quba42: apt-key(8) has already been marked for removal after Debian 11 release
(which is where the gpg key management is in apt)
https://www.mankier.com/8/apt-key
I guess this means I'm packaging up the new python-aptsign package for Fedora...
which means packaging python-apt too
Thanks Conan Kudo, for alerting me to this!
Updated by quba42 over 3 years ago
We need to support both upstream signature verification using the new format, as well as signing published repos. The latter may be as simple as providing an updated example signing script.
Updated by pulpbot almost 3 years ago
- Description updated (diff)
- Status changed from NEW to CLOSED - DUPLICATE
Actions
.