Robert Millan wrote: > On Sat, Jun 21, 2008 at 03:52:12PM +0200, Alexander Wirt wrote: >> I'm still not that sure if its a good idea to add a non-offical debian repo >> keyring into the archive... But I let the decision to the ftp-masters.. > > Well, currently a problem is the only way to get a trusted path to the bpo > repository is by fetching debian-backports-keyring from it, checking your > signature in its .dsc, etc. So this is what I'm trying to solve.
Hmm, are there not 2 other ways documented on backports.org as you can see below? Cheers Luk -------------------------- If you are using etch and you want apt to verify the downloaded backports you can import backports.org archive’s key into apt: apt-get install debian-backports-keyring or gpg --keyserver hkp://subkeys.pgp.net --recv-keys 16BA136C gpg --export | apt-key add - or wget -O - http://backports.org/debian/archive.key | apt-key add - -------------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]