[Bug 1798073] Re: [SRU] Provide 2018 archive signing key on stable releases

[Jamie Strandboge]

It might be nice to provide this on older LTS releases too.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-keyring in Ubuntu.
https://bugs.launchpad.net/bugs/1798073

Title:
  [SRU] Provide 2018 archive signing key on stable releases

Status in ubuntu-keyring package in Ubuntu:
  Fix Released
Status in ubuntu-keyring source package in Bionic:
  Fix Committed

Bug description:
  [Impact]

   * For LTS releases to be able to bootstrap dual and single signed
  future releases, and validate all signatures, 2018 archive signing key
  should be SRUed back

   * Also build process has improved documentation and vague validation
  that all key snippets are signed correctly

  [Test Case]

   * $ apt-key list
  ...
  /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
  ------------------------------------------------------
  pub   rsa4096 2018-09-17 [SC]
        F6EC B376 2474 EDA9 D21B  7022 8719 20D1 991B C93C
  uid           [ unknown] Ubuntu Archive Automatic Signing Key (2018) <ftpmaster at ubuntu.com>
  ...

  apt-key list should contain the 2018 archive key.

  [Regression Potential]

   * Build-process, key algo, and key size, and file format are the same
  as previous key snippets thus supported by all of gpg1 gpg2 gpgv1
  gpgv2.

  [Other Info]

   * 2018 key is to be used for dual-signing in DD series and up

   * Bileto PPA is built against security pocket only, suitable to be
  released into both -security and -updates

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-keyring/+bug/1798073/+subscriptions