Signed-By: <pubkey-fingerprint> is a new addition to the Debian Release file spec.
https://wiki.debian.org/DebianRepository/Format#Signed-By . From what I can tell, it tells clients to only accept future updates from this particular key, increasing security.
After verifying that the non-EOL Ubuntu/Debian distros can handle this field, let's support in merfi. We should be able to dynamically insert this value into the Release file when given a public key with --keyfile.
Signed-By: <pubkey-fingerprint>
is a new addition to the DebianRelease
file spec. https://wiki.debian.org/DebianRepository/Format#Signed-By . From what I can tell, it tells clients to only accept future updates from this particular key, increasing security.After verifying that the non-EOL Ubuntu/Debian distros can handle this field, let's support in merfi. We should be able to dynamically insert this value into the
Release
file when given a public key with--keyfile
.