On Tue, 23 Jan 2024 at 02:31, Jeremy Bícha
wrote:
> On Mon, Jan 22, 2024 at 7:36 AM Dimitri John Ledkov
> wrote:
> > > Sadly shipping this in 24.04 means that PPAs owned by user
> > > accounts created prior to 2014-03-11[3] until the key rotation
> > > mechanism(s) [4][5] have been implemented.
On Thu, Jan 18, 2024 at 07:01:48PM +0100, Julian Andres Klode wrote:
> Hi,
>
> we just noticed again that we are still trusting 1024R keys for
> signing repositories in APT, arguably because we do not have a
> means to tell gpgv the minimum key size.
>
> While the upstream bug[0] is being worked