On Wed, 2019-02-13 at 15:41 +0000, Linda Lapinlampi wrote: > Template: matrix-archive-keyring/sources.list > Type: boolean > Default: false > _Description: Use APT data sources from Matrix.org? > The Matrix.org Debian package repository distributes supplemental Matrix.org > related packages intended to work with the Debian distribution, but require > software software outside of the distribution to either build or function. > These packages are digitally signed with keys from matrix-archive-keyring. > . > The Debian Project will be unable to directly support issues faced from using > supplemental packages from this third-party repository. Packages from these > APT sources may be non-conforming to the technical requirements set in the > Debian Policy for the Debian distribution.
More important is the question if the system should /trust/ the keys. IMHO installing a non-Debian keyring should *not* make the keys trusted by APT by default (i.e. with the default answer if debconf is used). ubuntu-keyring does that; most other keyrings sadly do not follow this. Ansgar
