Debian Archive Signing Key to be changed
February 9th, 2011
The Debian Project wishes to announce the change of the GNU Privacy Guard key used to digitally sign the archive reference files. Signatures are used to ensure that packages installed by users are the very same originally distributed by Debian and have not been exchanged or tempered with.
Affected distributions are the Debian unstable branch (codenamed
Sid) as well as the testing branch (codenamed
Wheezy). The Debian Security (security.debian.org) and Backports (backports.debian.org) archive also start using the new key now. The current stable version Debian GNU/Linux 6.0 (codenamed
Squeeze) and the current oldstable version Debian GNU/Linux 5.0 (codenamed
Lenny) will have their ftpmaster signature updated with their next point release.
The new key has already been distributed via the debian-archive-keyring package and is included in all current releases of Debian.
Starting with the next mirror update this evening only the new key will be used.
For reference, the old key is:Read more...