Web lists-archives.com

Re: Expired GPG keys of older release




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, Jun 21, 2018 at 12:08:11AM +0200, Ansgar Burchardt wrote:

[...]

> But a user of an archived Debian release wouldn't get an updated apt
> which includes this new option. :-)

Quite right: the best (s)he can hope for is a workaround. Perhaps the
one "disregard all security" is the best of those. Perhaps not.

> By the time Debian oldoldoldstable includes this option, the end of UNIX
> time might already be so clone that oldoldoldstable software wants a
> date safely in the past and one has to fake system time.  That would
> make the keys unexpired at the same time.

:-)

Cheers
- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlsrS84ACgkQBcgs9XrR2kZqhACfe+eSz+2R8xWn/gT+6RJd7MGX
NOsAn2QaFk/4FJcIA+Hw57dO3MLqUnda
=AK48
-----END PGP SIGNATURE-----