Comment 5 for bug 838299

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

@ Daniel

No, they should not. Most of the time, debian-archive-keyring is not installed to access debian repositories directly, but to have access to /usr/share/keyrings/debian-archive-keyring.gpg to validate repositories when debootstraping debian releases in schroots/containers/etc. For example, mk-sbuild uses /usr/share/keyrings/debian-archive-keyring.gpg to validate chroots when creating build environments for the Debian releases.

The host system apt, should not be trusting debian repositories, as installing debian binaries on ubuntu may result in broken and incompatible sets of packages. (e.g. due to toolchain differences packages may effectively have incompatible ABIs).