Web lists-archives.com

Re: Expired GPG keys of older release




<tomas@xxxxxxxxxx> writes:
> On Wed, Jun 20, 2018 at 10:37:19AM -0700, Don Armstrong wrote:
>> In theory, [allow-weak=yes] should work, but I haven't actually tested
>> this.
>
> Since it seems that an archived Debian release is bound to have an
> expired key, would you agree that it'd be useful to have an option
> to accept such a key?

But a user of an archived Debian release wouldn't get an updated apt
which includes this new option. :-)

By the time Debian oldoldoldstable includes this option, the end of UNIX
time might already be so clone that oldoldoldstable software wants a
date safely in the past and one has to fake system time.  That would
make the keys unexpired at the same time.

Ansgar