On Mon 2018-01-15 17:45:49 -0500, Robert J. Hansen wrote: > _Literally every major FOSS package manager breaks. Updates become > impossible._
while i agree with rjh that destruction of the current SKS-based
keyserver network (either by technical or legal means) would today be a
net loss, this statement goes too far.
the debian package manager does not directly use the keyserver network,
and debian archive signing keys are themselves distributed as debian
packages.
the keyservers can occasionally be used as a way to find updated keys
for a system that has been offline for years, to "re-bootstrap" the
package manager, but dpkg and apt are certainly not reliant on the
keyserver network to do their thing.
Third-party repositories also do not need the keyservers to function
properly, if they're configured in a sensible way:
https://wiki.debian.org/DebianRepository/UseThirdParty
Regards,
--dkg
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
