> I don't understand why today is the right day to allow weaker RSA
> keys.

I don't think that changed. To recap (and these changes are confusing,
yes, but this is my understanding of the final result):

# Noble release
- there is only one list of crypto algorithms: Assert-Pubkey-Algo
- anything NOT in that list will trigger a WARNING
- RSA 1024 is NOT in that list, therefore we have a WARNING

# This SRU
- there are two new lists: Assert-Pubkey-Algo::Next and Assert-Pubkey-Algo::Future
- the behavior of Assert-Pubkey-Algo CHANGED: now, algorithms not in this list will trigger an ERROR instead of a WARNING
- algorithms NOT PRESENT in Assert-Pubkey-Algo::Next will issue a WARNING
- RSA1024 was ADDED to Assert-Pubkey-Algo, so it's allowed
- RSA1024 is NOT PRESENT in Assert-Pubkey-Algo::Next, so a WARNING is triggered

In summary, RSA1024 triggers a WARNING both in the noble release and
with this SRU.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2073126

Title:
  More nuanced public key algorithm revocation
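
The two behaviours recapped in the message above, modelled as an added example (not part of the original message and not apt's own code). The list contents, the `>=rsaNNNN` entry syntax and the key name `dsa1024` are assumptions made for illustration; Assert-Pubkey-Algo::Future is left out because the message does not describe its effect.

```python
import re

# Constructed list contents, not copied from any apt release.
# Assumed syntax: comma-separated names; ">=rsaNNNN" = RSA with at least NNNN bits.
NOBLE_RELEASE = {"current": ">=rsa2048,ed25519,ed448"}
THIS_SRU = {
    "current": ">=rsa1024,ed25519,ed448",  # RSA1024 added, so it is allowed
    "next": ">=rsa2048,ed25519,ed448",     # RSA1024 absent, so it warns
}

def allowed(algo, spec):
    """Return True if algo (e.g. 'rsa1024') matches any entry in spec."""
    for entry in (e.strip() for e in spec.split(",")):
        m = re.fullmatch(r">=([A-Za-z]+)(\d+)", entry)
        if m:
            name, minimum = m.group(1), int(m.group(2))
            k = re.fullmatch(re.escape(name) + r"(\d+)", algo)
            if k and int(k.group(1)) >= minimum:
                return True
        elif entry == algo:
            return True
    return False

def verdict(algo, policy):
    """Map a key algorithm to OK / WARNING / ERROR under one policy."""
    in_current = allowed(algo, policy["current"])
    if "next" not in policy:
        # Noble release: one list, anything outside it is a WARNING.
        return "OK" if in_current else "WARNING"
    if not in_current:
        # This SRU: outside Assert-Pubkey-Algo is now an ERROR.
        return "ERROR"
    if not allowed(algo, policy["next"]):
        # Allowed today, but missing from ::Next: WARNING.
        return "WARNING"
    return "OK"

def compare(algos):
    """Return {algo: (noble_release_verdict, sru_verdict)}."""
    return {a: (verdict(a, NOBLE_RELEASE), verdict(a, THIS_SRU)) for a in algos}

if __name__ == "__main__":
    for algo, (before, after) in compare(
        ["rsa1024", "rsa4096", "ed25519", "dsa1024"]
    ).items():
        print(f"{algo:8} noble release: {before:8} this SRU: {after}")
```

With these constructed lists, only a key type absent from every list changes outcome between the two policies, going from WARNING to ERROR.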
