Comment 18 for bug 1461834

What I'd like to see is that

1. launchpad starts dual-signing repositories
2. ubuntu-release-upgrader gets a quirk that replaces any unsafe PPA keys on upgrade to kinetic+ (jammy backport possible too, but arguably people might have already upgraded)
3. Drop 1024 bit keys for kinetic+

This will lead to everyone running kinetic and newer to at least use RSA keys.