1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.DEV

  • New requirements for APT repository signing

    From Julian Andres Klode@21:1/5 to All on Wed Feb 28 20:30:03 2024
    APT 2.7.13 just landed in unstable and with GnuPG 2.4.5 installed,
    or 2.4.4 with a backport from the 2.4 branch, requires repositories
    to be signed using one of

    - RSA keys of at least 2048 bit
    - Ed25519
    - Ed448

    Any other keys will cause warnings. These warnings will become
    errors in March as we harden it up for the Ubuntu 24.04 release,
    which was the main driver to do the change *now*.

    If you operate third-party repositories using different key
    algorithms, now is your time to migrate before you get hit
    with an error.

    For the Ubuntu perspective, feel free to check out the discourse
    post:

    https://discourse.ubuntu.com/t/new-requirements-for-apt-repository-signing-in-24-04/42854
    --
    debian developer - deb.li/jak | jak-linux.org - free software dev
    ubuntu core developer i speak de, en

    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAmXfh2oACgkQb6RY3R2w P3GYIA//TQKlRbMsCu99tQSX4z3Qrc+AQ9bpNDiFPV1VczquZsDWqtYSzdFqlere nnLTkA8eQYnQjRI0ZfkL3LhnQCE10K1d3+qRE8DXHvYXUS5OjEHlHOrVQDyUrwd6 DqRAMz/c24qArk50o/3wKFBoyDK7c2NeyimOsAxOYoyMp6RHsweJ1WVxPSrwj3Hy kbRHjNyAqR5HrYV298PBvR3jn25InojEqqi3GCfLSVF3mWiS5jBM1hbRH16dY6vG nURFmQnQkj2MMR/RNK9ACL5uFQrKFvQOCurn4AYetA+1MPho6JHAIFlfXykR6Frk CDTII6rgpyIW19/CtO0NAWTTbgvky7JzH04/TlReSrRAuq27hXtL2M9dDTYMMg4g A7vJXFaSzUpw7hITSQhRk7dp1Llkdkoejoeu6njN7EJa9YNOQlhIys9DQSF9KUir t3aOtC2bKdJx++jwy/Vx6fh+DcBXx1ZsyFIeclmU/EQ0OyKEi3UzOwnECz6t2Aak S3ZSItmNp1OZ1xJLcCKg00Uhmv28y5MAYQm0vKzth1/iM/VASdaHHfwyHTcdcIlf BLIKPLqAXiJz0DdLa9dpTN8so7M8rK5yX7dzju7FxhymLNy5EZSgiLjLIDii9wnJ 98mwEbsTjZTAe5MgiwJa+Vd27reAdOEB1DcvuSrb8rgGuK3N48Y=
    =Q9py
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Ori