As far as I can see, the problem here is that apt is inappropriately caching files that fail validation, rather than removing them and allowing them to be fetched again. Fixing that would probably be enough to consign this bug to the dustbin of history, which I'm sure would be welcomed by all concerned.
I put a bit of effort into coming up with a reliable reproduction case for this bug. I've attached a 'dummy-proxy' script, which is a trivial Twisted server that can be used as an HTTP proxy; it listens on localhost:8080 and returns some junk HTML in response to every request. Run it in one terminal. In another terminal, run: chdist create captive-portal echo 'deb http://archive.ubuntu.com/ubuntu lucid main' >~/.chdist/captive-portal/etc/apt/sources.list chdist apt-get captive-portal update # should complete successfully http_proxy=http://localhost:8080/ chdist apt-get captive-portal update # should fail chdist apt-get captive-portal update # now this fails with BADSIG ** Attachment added: "simple proxy to help reproduce this bug" https://bugs.launchpad.net/ubuntu/+source/apt/+bug/24061/+attachment/2629686/+files/dummy-proxy ** Changed in: apt (Ubuntu) Importance: Low => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/24061 Title: GPG error with apt-get/aptitude/update-manager behind proxy (BADSIG 40976EAF437D05B5) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/24061/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs