The easiest thing to do would be to just ship a keyring that had the obsolete public signing keys. Then the consumer could hard code that 'precise' was signed with keys A, B, C. and work stuff out like that.
Alternatively possibly we might want to deliver some distro-info like data. ubuntu-release| fingerprint | status | used-releases 790BC7277767219C42C86F933B4FE6ACC0B21F32 | expired | precise quantal raring saucy trusty utopic ... F6ECB3762474EDA9D21B7022871920D1991BC93C | current | trusty utopic vivid wily xenial yakkety ... Then the consumer expecting to verify 'precise' data could determine they should use the 790B key. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1809027 Title: Make retired Ubuntu keyrings available from the archive To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-keyring/+bug/1809027/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
