openplotter / openplotter-settings

Main OpenPlotter app
GNU General Public License v3.0

Using trusted keys for repositories is deprecated and unsecure. #23

Closed FredericGuilbault closed 3 months ago

FredericGuilbault commented 1 year ago

Using the trusted keys keyring is as deprecated and unsecure as using apt-keys; it's in fact the main reason why this tool was deprecated in 2019 or 2020, if I recall. Each repository should be signed explicitly by its respective key. Otherwise, any key could sign any package in any repository.

Keys should be stored in /usr/share/keyrings/[KEYNAME].pgp and assigned to its repository explicitly in the [REPOSITORY].list file:

deb [signed-by=/usr/share/keyrings/[KEYNAME].gpg] https://[DOMAIN.TLD]/debian/ buster main contrib non-free
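
One way to check a system for the problem described in the comment above, as an added example that is not part of the issue or of the OpenPlotter code: it flags one-line source entries that lack `signed-by=` and entries whose keyring file is missing. The function names, the `repo.example.org` host and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the issue: audit one-line-style APT source files.
# Reports (a) entries without signed-by=, which are verified against the
# global trusted keyring, and (b) signed-by= paths that do not exist on disk.

# audit_sources FILE...  -> prints findings; returns 1 if there are any.
audit_sources() {
    awk '
        $1 == "deb" || $1 == "deb-src" {
            opts = ""; i = index($0, "["); j = index($0, "]")
            # The option block, if any, is the bracketed text after the type.
            if ($2 ~ /^\[/ && j > i) opts = substr($0, i + 1, j - i - 1)
            n = split(opts, o, /[ \t]+/); val = ""
            for (k = 1; k <= n; k++)
                if (o[k] ~ /^signed-by=./) val = substr(o[k], 11)
            # One record per keyring; "-" marks an entry with no signed-by.
            m = split((val == "" ? "-" : val), p, ",")
            for (k = 1; k <= m; k++) printf "%s:%d\t%s\n", FILENAME, FNR, p[k]
        }' "$@" | (
        rc=0
        # Values that are neither "-" nor a path are key fingerprints: no file check.
        while IFS="$(printf '\t')" read -r where key; do
            case $key in
                -)  echo "$where: no signed-by, any globally trusted key is accepted"; rc=1 ;;
                /*) [ -f "$key" ] || { echo "$where: keyring not found: $key"; rc=1; } ;;
            esac
        done
        exit "$rc" )
}

# make_sample DIR: write a constructed placeholder keyring and source list.
make_sample() {
    : > "$1/example.gpg"    # empty placeholder, not a real key
    cat > "$1/example.list" <<EOF
# constructed sample entries
deb https://repo.example.org/debian/ buster main
deb [signed-by=$1/example.gpg] https://repo.example.org/debian/ buster main
deb [arch=arm64 signed-by=$1/example.pgp] https://repo.example.org/debian/ buster main
EOF
}

tmp=$(mktemp -d) && make_sample "$tmp"
audit_sources "$tmp/example.list" || echo "findings above; exit status was non-zero"
rm -rf "$tmp"
```

On a real system the function would be pointed at /etc/apt/sources.list and /etc/apt/sources.list.d/*.list. deb822-style .sources files use a `Signed-By:` field instead and are not parsed here.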