| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Move our cut-offs to February to align with Sequoia, and cut-off more:
- 2024-02: DSA keys retroactively (align with GnuPG config)
- 2026-02: SHA224 hashes
- 2028-02: Brainpool keys (align closer with GnuPG backend)
- 2030-02: RSA2048 keys
These algorithms will not be valid starting on those cut-off dates.
Gbp-Dch: full
|
| |
|
|
|
| |
SUSE's Open Build Service is signing multiple repositories using
v3 signing keys.
|
|
|
Many repositories still have SHA-1 self-signatures, and they are not
security relevant for APT repositories in the first place since we
do not use a web of trust model, but rather a set of trusted keyrings,
and the subkey can essentially be always considered trusted even if
it cannot be verified.
|