Comment 1 for bug 1782641

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Ubuntu will not ship a keyring with ubuntu uploaders keys.

The permission model in ubuntu is very different from debian and is not based on GPG web of trust. In debian, any DD can upload any package, thus debian-keyring make sense to keep track of all the uploader keys. In Ubuntu, launchpad is the only thing that enforces which keys are allowed to upload and they are scoped a lot - only a minority of keys are allowed to upload anything, and vast majority of uploaders can only upload individual packages or subsets of them.

I have no idea why debian choose a different name when importing our package =/

If that is of any help, i'm happy to add Provides stanzas to help with discovery. But I very much see no benefit in renaming this key package in Ubuntu, given that we have not changed it since Ubuntu inception.

Note that the ubuntu-keyring package ships not only the keyring that is used to validate APT archives, but other signed metadata as well, for example - /pool/ on the ISOs; cdimage checksum files of ubuntu ISOs; cloud images simplestreams metadata; cloud images checksum files; master key for archive key rotation.

Thus naming the package (either source, of one of the binaries) as ubuntu-archive-keyring makes no sense, as it validates more than just the APT archive.