>> I think apt should accept Release files without this header. If it ever
>> sees such a header it should *no longer* accept new release files
>> without it. I.e. "old file does not have it - new file doesn't need
>> it". "Old file has it - new file needs it".
> This would break on people using the codenames in their sources.list
> (which we advise to do, I think).  So if Lenny propagates from testing
> to stable (with the former having this header, the latter not) apt
> will show warnings.

Currently stable doesn't have this header.

> The release files for stable won't be regenerated every week.

That wouldn't be a big problem, the problem is that the Stable RMs
currently refuse to give proper automated access to the stable key. So
it's the SRMs' fault that we can't have such automatisms there... :()

(It would be easy to regenerate it weekly, while having it expire after
30 or 60 days. Now, stable itself doesn't change so often, only for
point releases. And it's also not security related, as those get in via
the security archive, which does have a proper setup for valid-until
(and will get em when the code is fully synced, so this weekend I
think.))

> But if we could specify that it does not expire (which is IMHO true)
> that would solve that issue.

No (archive side). While we could go and add the special string "Never",
this won't help us, as we are then back to the known problem, that a
MitM can go and do bad things to you (this time by *also* modifying the
release file, but hey, that's no bigger task than getting in between you
and $world first).

So if we want to support a user that tracks lenny and as such goes from
testing to stable at some point - that should be implemented in apt. An
option to ignore the "valid-until header goes away" for manual usage by
the admin. Users that track testing for some time, no matter how near to
the release, should be able to do this once. IMO. (Also, the option can
be a simple rm in apt's list dir)

-- 
bye, Joerg
I'm convinced that the ftpmaster team are ninjas -- they do their stuff,
but they do it quietly and behind the scenes, so everybody thinks
they're asleep at the wheel...)
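
The acceptance rule discussed in this thread ("old file has it - new file needs it", plus the expiry check and the one-time admin override), sketched as an added example that is not apt's code and not part of the original message. The function names, the `allow_header_removal` flag and the sample Release headers are hypothetical and constructed for illustration.

```python
from datetime import datetime, timezone

# Date layout assumed for Release files, e.g. "Sat, 14 Feb 2009 12:00:00 UTC".
DATE_FMT = "%a, %d %b %Y %H:%M:%S UTC"

# Constructed sample Release headers (not real archive data).
TESTING_WITH_HEADER = """Suite: testing
Codename: lenny
Date: Sat, 07 Feb 2009 12:00:00 UTC
Valid-Until: Sat, 14 Feb 2009 12:00:00 UTC
"""
STABLE_NO_HEADER = """Suite: stable
Codename: lenny
Date: Sat, 14 Feb 2009 12:00:00 UTC
"""

def valid_until(release_text):
    """Return the Valid-Until field as an aware datetime, or None if absent."""
    for line in release_text.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.lower() == "valid-until":
            parsed = datetime.strptime(value.strip(), DATE_FMT)
            return parsed.replace(tzinfo=timezone.utc)
    return None

def check_update(old_release, new_release, now, allow_header_removal=False):
    """Decide whether new_release may replace the cached old_release.

    old_release is None when nothing is cached, which is also the state
    after the admin removes the cached file from the list directory.
    """
    old_vu = valid_until(old_release) if old_release else None
    new_vu = valid_until(new_release)
    if new_vu is None:
        # A header that was seen before must not silently disappear.
        if old_vu is not None and not allow_header_removal:
            return False, "Valid-Until header went away"
        return True, "no Valid-Until, none expected"
    if now > new_vu:
        return False, "Release file expired"
    return True, "valid"

if __name__ == "__main__":
    now = datetime(2009, 2, 16, tzinfo=timezone.utc)
    print(check_update(TESTING_WITH_HEADER, STABLE_NO_HEADER, now))
    print(check_update(TESTING_WITH_HEADER, STABLE_NO_HEADER, now, True))
```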
