Jake, some progress is underway for Launchpad to automatically sign PPAs with RSA4096 keys https://discourse.ubuntu.com/t/new-requirements-for-apt-repository-signing-in-24-04/42854
It's also possible to dual-sign non-ppa repositories, eg:
curl -s http://archive.ubuntu.com/ubuntu/dists/focal-updates/InRelease | gpg --verify
This can really help migrating from unsafe key sizes to safe key sizes.
Thanks
Jake, some progress is underway for Launchpad to automatically sign PPAs with RSA4096 keys https:/ /discourse. ubuntu. com/t/new- requirements- for-apt- repository- signing- in-24-04/ 42854
It's also possible to dual-sign non-ppa repositories, eg:
curl -s http:// archive. ubuntu. com/ubuntu/ dists/focal- updates/ InRelease | gpg --verify
This can really help migrating from unsafe key sizes to safe key sizes.
Thanks