FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

 
 
LinkBack Thread Tools
 
Old 03-26-2011, 08:02 AM
Mark Hymers
 
Default oldstable-security signing key

Hi,

Ben Hutchings recently discovered that old lenny CDs (5.0.0) currently
fail to install. Phil Kern discovered that this was because they
couldn't validate the security signing key (which was rolled over after
they were released). Originally, lenny security updates were signed
with the old ftpmaster key:

sec 4096R/55BE302B 2009-01-27 [expires: 2012-12-31]
uid Debian Archive Automatic Signing Key (5.0/lenny) <ftpmaster@debian.org>

As this key is still valid and present in debian-archive-keyring (even
in unstable) and will be so until well after the end of lenny security
support (which as we understand it is due on 2012-02-06), we intend to
change the lenny security repository to be signed by this key rather
than the current ftpmaster key which is:

pub 4096R/473041FA 2010-08-27 [expires: 2018-03-05]
uid Debian Archive Automatic Signing Key (6.0/squeeze) <ftpmaster@debian.org>

If anyone has any objections to this, can they let us know? I intend to
implement the changes necessary to make this work in dak immediately,
but won't change the key over for a couple of days to give people time
to raise objections.

Thanks,

Mark

--
Mark Hymers <mhy at debian dot org>

"Well, the thing about a black hole - it's main distinguishing feature - is
it's black. And the thing about space, your basic space colour is black. So
how are you supposed to see them?"
Holly, Red Dwarf Series III - Marooned
 
Old 03-26-2011, 07:37 PM
Bob Proulx
 
Default oldstable-security signing key

Mark Hymers wrote:
> Ben Hutchings recently discovered that old lenny CDs (5.0.0) currently
> fail to install. Phil Kern discovered that this was because they
> couldn't validate the security signing key (which was rolled over after
> they were released).

I ran into this problem yesterday. Thank you for working to fix it.

Bob
 
Old 04-01-2011, 12:50 PM
Mark Hymers
 
Default oldstable-security signing key

On Sat, 26, Mar, 2011 at 09:02:46AM +0000, Mark Hymers spoke thus..
> If anyone has any objections to this, can they let us know? I intend to
> implement the changes necessary to make this work in dak immediately,
> but won't change the key over for a couple of days to give people time
> to raise objections.

Hi,

This has now been done.

Mark

--
Mark Hymers <mhy at debian dot org>

"Don't you hate those Claims Direct adverts?
'I slipped on a banana skin and sued the Dominican Republic!'"
Linda Smith on the News Quiz talking about the Compensation Culture


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110401125050.GA19937@hymers.org.uk">http://lists.debian.org/20110401125050.GA19937@hymers.org.uk
 

Thread Tools




All times are GMT. The time now is 04:31 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org