[Bug 1798073] Re: [SRU] Provide 2018 archive signing key on stable releases

Tue Nov 13 20:53:16 UTC 2018

Hello Dimitri, or anyone else affected,

Accepted ubuntu-keyring into bionic-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/ubuntu-
keyring/2018.09.18.1~18.04.0 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: ubuntu-keyring (Ubuntu Bionic)
       Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-keyring in Ubuntu.
https://bugs.launchpad.net/bugs/1798073

Title:
  [SRU] Provide 2018 archive signing key on stable releases

Status in ubuntu-keyring package in Ubuntu:
  Fix Released
Status in ubuntu-keyring source package in Bionic:
  Fix Committed

Bug description:
  [Impact]

   * For LTS releases to be able to bootstrap dual and single signed
  future releases, and validate all signatures, 2018 archive signing key
  should be SRUed back

   * Also build process has improved documentation and vague validation
  that all key snippets are signed correctly

  [Test Case]

   * $ apt-key list
  ...
  /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  ------------------------------------------------------
  pub   rsa4096 2018-09-17 [SC]
        F6EC B376 2474 EDA9 D21B  7022 8719 20D1 991B C93C
  uid           [ unknown] Ubuntu Archive Automatic Signing Key (2018) <ftpmaster at ubuntu.com>
  ...

  apt-key list should contain the 2018 archive key.

  [Regression Potential]

   * Build-process, key algo, and key size, and file format are the same
  as previous key snippets thus supported by all of gpg1 gpg2 gpgv1
  gpgv2.

  [Other Info]

   * 2018 key is to be used for dual-signing in DD series and up

   * Bileto PPA is built against security pocket only, suitable to be
  released into both -security and -updates

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-keyring/+bug/1798073/+subscriptions