[prev in list] [next in list] [prev in thread] [next in thread]
List: debian-devel
Subject: Re: New requirements for APT repository signing
From: Phil Wyett <philip.wyett () kathenas ! org>
Date: 2024-02-29 0:29:40
Message-ID: 85b5a2ec86dbc0ba59c2c64f922fa37c114c9844.camel () kathenas ! org
[Download RAW message or body]
On Wed, 2024-02-28 at 20:20 +0100, Julian Andres Klode wrote:
> APT 2.7.13 just landed in unstable and with GnuPG 2.4.5 installed,
> or 2.4.4 with a backport from the 2.4 branch, requires repositories
> to be signed using one of
>
> - RSA keys of at least 2048 bit
> - Ed25519
> - Ed448
>
> Any other keys will cause warnings. These warnings will become
> errors in March as we harden it up for the Ubuntu 24.04 release,
> which was the main driver to do the change *now*.
>
> If you operate third-party repositories using different key
> algorithms, now is your time to migrate before you get hit
> with an error.
>
> For the Ubuntu perspective, feel free to check out the discourse
> post:
>
> https://discourse.ubuntu.com/t/new-requirements-for-apt-repository-signing-in-24-04/42854
Hi,
Could I be pointed to the public conversation, any plans or bug reports related to this
update and transition etc. for affected users?
Thanks.
Regards
Phil
--
Playing the game for the games sake.
Web:
* Debian Wiki: https://wiki.debian.org/PhilWyett
* Website: https://kathenas.org
* Social Debian: https://pleroma.debian.social/kathenas/
* Social Instagram: https://www.instagram.com/kathenasorg/
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic