nlnetlabs / archive-keyring Goto Github PK
View Code? Open in Web Editor NEWNLnet Labs package repository signing key for Debian(-derivatives)
License: BSD 3-Clause "New" or "Revised" License
NLnet Labs package repository signing key for Debian(-derivatives)
License: BSD 3-Clause "New" or "Revised" License
@ximon18 asked:
What happens or should happen when the package with the signing key dependency is uninstalled, if you already had a package installed from us for which you manually provided the public signing key file? Would the new signing key package remove that too or are they independent of each other?
Ideally, the Debian package we are shipping bootstraps the repository, i.e., adds both the key and the sources.list entries to the machines. Even more ideally, it somehow then manages to replace itself with a version that is part of the repository so that it then gets updated as per the original intention.
I think this can possibly be achieved through APT policy settings?
We could download the key instead of storing it, to avoid having it in two places.
Fetching could be done by a "build.rs" Rust "script" in the root of the project dir. See: https://doc.rust-lang.org/cargo/reference/build-scripts.html and https://stackoverflow.com/a/45623133.
This would need proper error handling and validation, to make sure we are shipping the right key. So the gains over local storage may be small.
Deferring for now.
I just realised there may be some people who used apt-key
to trust our packaging key system-wide instead of just our repo with a signed-by
line in apt's sources.list or equivalent. A key-roll would break such setups, unless we correct it, because the /usr/share/keyrings/nlnetlabs-archive.keyring.gpg
that we would (attempt to) replace would remain unused.
We should probably detect this, if not correct it.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.