[Pkg-rust-maintainers] Bug#1127595: Bug#1127595: Apt allows expired keys for repos
Alexander Kjäll
alexander.kjall at gmail.com
Tue Feb 10 20:08:30 GMT 2026
Hi
> The idea here is that a repo with an expired key (think e.g. buster)
> should not be used even if that repo was correctly signed back in the
> day as the data the key signed is sort of expired by now, too.
If this is a desired property, shouldn't there rather be an expiration date
set on the signature?
See: https://docs.rs/sequoia-openpgp/latest/sequoia_openpgp/packet/signature/struct.Signature6.html#method.signature_validity_period
//Alex
More information about the Pkg-rust-maintainers
mailing list