-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Paul E Condon wrote: > Why is the package debian-backports-keyring not available in the > debian stable repository? in the contrib section perhaps, but > somewhere that is a verifiable secure repository at the time > that a user needs to install it ????
I don't know why it is available, but there are alternative ways to verify that archive apart from the debian-backports-keyring package [1] If you download the key with gpg --keyserver hkp://subkeys.pgp.net --recv-keys 16BA136C you will see that it is signed by Jörg Jaspert (aka Joerg Jaspert). You could verify the authenticy of his signature by comparing it to Jörg's public key in /usr/share/keyrings/debian-keyring.gpg, ie. the official debian-keyring package that is already installed on your computer. That fingerprint can be viewed by $gpg --list-keys --fingerprint \ /usr/share/keyrings/debian-maintainers.gpg jo...@debian Cheers, Johannes [1] http://www.backports.org/dokuwiki/doku.php?id=instructions -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkp7LVwACgkQC1NzPRl9qEXIPQCdG0FFq1MvzPP6xShj7vU85HEV mpUAn1Vwrb/uHYU+AuXdne9itYz+NSgN =52Xo -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
