[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-devel
Subject:    Re: New requirements for APT repository signing
From:       Phil Wyett <philip.wyett () kathenas ! org>
Date:       2024-02-29 0:29:40
Message-ID: 85b5a2ec86dbc0ba59c2c64f922fa37c114c9844.camel () kathenas ! org
[Download RAW message or body]


On Wed, 2024-02-28 at 20:20 +0100, Julian Andres Klode wrote:
> APT 2.7.13 just landed in unstable and with GnuPG 2.4.5 installed,
> or 2.4.4 with a backport from the 2.4 branch, requires repositories
> to be signed using one of
> 
> - RSA keys of at least 2048 bit
> - Ed25519
> - Ed448
> 
> Any other keys will cause warnings. These warnings will become
> errors in March as we harden it up for the Ubuntu 24.04 release,
> which was the main driver to do the change *now*.
> 
> If you operate third-party repositories using different key
> algorithms, now is your time to migrate before you get hit
> with an error.
> 
> For the Ubuntu perspective, feel free to check out the discourse
> post:
> 
> https://discourse.ubuntu.com/t/new-requirements-for-apt-repository-signing-in-24-04/42854

Hi,

Could I be pointed to the public conversation, any plans or bug reports related to this
update and transition etc. for affected users?

Thanks.

Regards

Phil

-- 
Playing the game for the games sake.

Web:

* Debian Wiki: https://wiki.debian.org/PhilWyett
* Website: https://kathenas.org
* Social Debian: https://pleroma.debian.social/kathenas/
* Social Instagram: https://www.instagram.com/kathenasorg/



["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]