Comment 0 for bug 1218963

[Description]
Ubuntu's build process for cloud images (and maas ephemeral images) creates metadata about those images at http://cloud-images.ubuntu.com/releases/streams/v1/ and also creates .MD5SUM and .SHA256SUM files and signs those on a per-directory basis.

That signing key is put into a keyring in the ubuntu-cloudimage-keyring package that is now in saucy. We would like that package SRU'd to older supported releases.

This bug is a request to add the package to 12.04, 12.10, 13.04.

[Testcase]
After installation of the package, you should be able to see the key in the keyring, and use it to verify data.
$ gpg /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
pub 4096R/476CF100 2012-10-27 Ubuntu Cloud Image Builder (Canonical Internal Cloud Image Builder) <email address hidden>
sub 4096R/9D817405 2012-10-27

$ gpg --keyring /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg --verify index.sjson
gpg: Signature made Thu 29 Aug 2013 11:02:15 PM EDT using RSA key ID 476CF100
gpg: Good signature from "Ubuntu Cloud Image Builder (Canonical Internal Cloud Image Builder) <email address hidden>"

[Regression Potential]
Regression potential should be very low. No other packages provide this file (/usr/share/keyrings/ubuntu-cloudimage-keyring.gpg), and the only real use of such a keyring is for this purpose.