Package: apt Version: 1.0.3 Severity: minor The apt-secure(8) manpage reads:
"The chain of trust in Debian starts when a maintainer uploads a new package or a new version of a package to the Debian archive. In order to become effective, this upload needs to be signed by a key contained in the Debian Maintainers keyring (available in the debian-keyring package)."
To the best of my knowledge, not only Debian Maintainers can sign uploads; Debian Developers can do that, too! :-P
-- Jakub Wilk -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
