Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.2.0 2016-08-17T05:55:46Z 2016-08-17T05:55:46Z David Kalnischkies david@kalnischkies.de 2016-08-16T11:42:30Z urn:sha1:d6e9ec719e2824db0b90f344f71b6e853df05627 gpg upstream committed "gpgv: Tweak default options for extra security." applied on the 1.x and 2.x branches: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=e32c575e0f3704e7563048eea6d26844bdfc494b This commit includes "[…], but we should validate the key by its self signature for primary key, and back signature for subkey." Our testkeys are old and do not really considered best practices in the last years, so their most recent self-signature is SHA1-only which with this gpg commit and our testcases defaulting to --weak-digest sha1 are refused. So what we do here is just applying some of the recent best practices on top of our testcase keys. Gbp-Dch: Ignore 2013-08-12T16:01:37Z David Kalnischkies kalnischkies@gmail.com 2013-08-09T20:20:27Z urn:sha1:29a59c460403820d0f039398194e321b7e0921fc Signing files with expired keys is not as easy as it sounds, so the framework jumps a few loops to do it, but it might come in handy to have an expired key around for later tests even if it is not that different from having no key in regards to APT behaviour. Git-Dch: Ignore