<to...@tuxteam.de> writes: > On Wed, Jun 20, 2018 at 10:37:19AM -0700, Don Armstrong wrote: >> In theory, [allow-weak=yes] should work, but I haven't actually tested >> this. > > Since it seems that an archived Debian release is bound to have an > expired key, would you agree that it'd be useful to have an option > to accept such a key?
But a user of an archived Debian release wouldn't get an updated apt which includes this new option. :-) By the time Debian oldoldoldstable includes this option, the end of UNIX time might already be so clone that oldoldoldstable software wants a date safely in the past and one has to fake system time. That would make the keys unexpired at the same time. Ansgar