Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.security > #6453
| From | Jeffrey Walton <noloader@gmail.com> |
|---|---|
| Newsgroups | linux.debian.security |
| Subject | Re: Why Does Debian Use PGP to Sign Packages |
| Date | 2025-08-16 11:20 +0200 |
| Message-ID | <LkleV-80XJ-9@gated-at.bofh.it> (permalink) |
| References | <Lke3L-7W49-5@gated-at.bofh.it> |
| Organization | linux.* mail to news gateway |
[Multipart message — attachments visible in raw view] - view raw
On Sat, Aug 16, 2025 at 12:45 AM <fosres@posteo.de> wrote: > Hello All, > > In an earlier post I asked why Debian uses PGP to sign packages despite > its complexity. > > Some responded that Sequoia PGP simplifies the process. > > I now wish to ask why Debian uses PGP in general to sign packages when > there are alternatives such as SigStore. > > What were the unique benefits in PGP that could not be found in other > alternatives? > > I thank all in advance for any responses. > Also see < https://www.debian.org/doc/manuals/securing-debian-manual/deb-pack-sign.en.html >. Jeff
Back to linux.debian.security | Previous | Next — Previous in thread | Next in thread | Find similar
Why Does Debian Use PGP to Sign Packages fosres@posteo.de - 2025-08-16 03:40 +0200
Re: Why Does Debian Use PGP to Sign Packages Jeffrey Walton <noloader@gmail.com> - 2025-08-16 11:20 +0200
Re: Why Does Debian Use PGP to Sign Packages Simon Josefsson <simon@josefsson.org> - 2025-08-16 11:40 +0200
Re: Why Does Debian Use PGP to Sign Packages Simon Josefsson <simon@josefsson.org> - 2025-08-16 11:30 +0200
Re: Why Does Debian Use PGP to Sign Packages kpcyrd <kpcyrd@archlinux.org> - 2025-08-16 16:30 +0200
csiph-web