Groups | Search | Server Info | Keyboard shortcuts | Login | Register

Groups > linux.debian.security > #6452

Why Does Debian Use PGP to Sign Packages

From fosres@posteo.de
Newsgroups linux.debian.security
Subject Why Does Debian Use PGP to Sign Packages
Date 2025-08-16 03:40 +0200
Message-ID <Lke3L-7W49-5@gated-at.bofh.it> (permalink)
Organization linux.* mail to news gateway

Show all headers | View raw

Hello All,

In an earlier post I asked why Debian uses PGP to sign packages despite 
its complexity.

Some responded that Sequoia PGP simplifies the process.

I now wish to ask why Debian uses PGP in general to sign packages when 
there are alternatives such as SigStore.

What were the unique benefits in PGP that could not be found in other 
alternatives?

I thank all in advance for any responses.

Best,

Tanveer Salim

Back to linux.debian.security | Previous | NextNext in thread | Find similar

Thread

Why Does Debian Use PGP to Sign Packages fosres@posteo.de - 2025-08-16 03:40 +0200
  Re: Why Does Debian Use PGP to Sign Packages Jeffrey Walton <noloader@gmail.com> - 2025-08-16 11:20 +0200
    Re: Why Does Debian Use PGP to Sign Packages Simon Josefsson <simon@josefsson.org> - 2025-08-16 11:40 +0200
  Re: Why Does Debian Use PGP to Sign Packages Simon Josefsson <simon@josefsson.org> - 2025-08-16 11:30 +0200
  Re: Why Does Debian Use PGP to Sign Packages kpcyrd <kpcyrd@archlinux.org> - 2025-08-16 16:30 +0200

csiph-web