On Sun, Feb 26, 2006 at 01:55:53AM +0100, Andrzej Adam Filip wrote: > Gnupg key used to generate Release.gpg of sarge has expired at > 2006-01-31. New Release.gpg should be generated using currecnt gpg key.
Thank you for your report. Yes, the signature is old, because Packages files and such for stable are only generated upon some release. So on the next point release, which shouldn't take too long anymore, the 2006 key will be used. This is something that also should be thought about for etch, because with the new apt, this will cause issues for people installing/upgrading -- to the point that it would most likely simply break netinstalls and such. So this situation may not repeat itself in etch. Anyway, for people who already installed stable, nothing changed, and the trust in the archive doesn't suddenly decrease just because there was not a re-assurance that yes, the very same release is still genuine. This doesn't mean that this shouldn't be fixed of course. --Jeroen -- Jeroen van Wolffelaar [EMAIL PROTECTED] (also for Jabber & MSN; ICQ: 33944357) http://Jeroen.A-Eskwadraat.nl -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
