Package: debian-archive-keyring Version: 2021.1.1ubuntu2 Severity: wishlist
Dear Maintainer, In a sid chroot, # apt-key export 2>/dev/null | wc 1151 1158 74594 # export GNUPGHOME=$(mktemp -d) # apt-key export 2>/dev/null | gpg --import &>/dev/null # gpg --export --armor --export-options export-minimal | wc 790 797 51161 As if the .asc key fragments are not minimal. Given that "full" .gpg keyrings exist in keyrings locations, maybe .asc fragments could be minimized? Also the .asc fragments seemed to have some sort of revocations on them - the `sig R` stanzas: pub rsa4096 2019-04-14 [SC] [expires: 2027-04-12] 5E61B217265DA9807A23C5FF4DFAB270CAA96DFA sig R 4DFAB270CAA96DFA 2019-04-14 Debian Security Archive Automatic Signing Key (10/buster) <ftpmas...@debian.org> sig R 4DFAB270CAA96DFA 2019-04-14 Debian Security Archive Automatic Signing Key (10/buster) <ftpmas...@debian.org> sig R 4DFAB270CAA96DFA 2019-04-14 Debian Security Archive Automatic Signing Key (10/buster) <ftpmas...@debian.org> sig R 4DFAB270CAA96DFA 2019-04-14 Debian Security Archive Automatic Signing Key (10/buster) <ftpmas...@debian.org> sig R 4DFAB270CAA96DFA 2019-04-14 Debian Security Archive Automatic Signing Key (10/buster) <ftpmas...@debian.org> uid [ unknown] Debian Security Archive Automatic Signing Key (10/buster) <ftpmas...@debian.org> sig 3 4DFAB270CAA96DFA 2019-04-14 Debian Security Archive Automatic Signing Key (10/buster) <ftpmas...@debian.org> sig E0B11894F66AEC98 2019-04-14 [User ID not found] sig EDA0D2388AE22BA9 2019-04-14 [User ID not found] sig BC372252CA1CF964 2019-04-14 [User ID not found] sig P DB16CF5BB12525C4 2019-04-14 [User ID not found] sub rsa4096 2019-04-14 [S] [expires: 2027-04-12] sig 4DFAB270CAA96DFA 2019-04-14 Debian Security Archive Automatic Signing Key (10/buster) <ftpmas...@debian.org> What are these `sig R` things, and are they really needed in the .asc fragment? Regards, Dimitri.