Why are the proposed BADSIG (on apt-get update) fixes secure?
Posted
by
EvanED
on Ask Ubuntu
See other posts from Ask Ubuntu
or by EvanED
Published on 2012-09-03T03:48:47Z
Indexed on
2012/09/04
3:49 UTC
Read the original article
Hit count: 207
apt
I'm running apt-get update
, and I see errors like
W: GPG error: http://us.archive.ubuntu.com precise Release:
The following signatures were invalid:
BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <[email protected]>
It's not hard to find instructions on how to fix these problems, for instance by asking for the new keys with apt-key adv --recv-keys
or rebuilding the cache; so I'm not asking about how to fix these.
But why is this the right thing to do? Why is "oh, I need new keys? Cool, go get new keys" not just defeating the purpose of having a signed repository in the first place? Are the keys signed by a master key that apt-key
checks? Should we be doing some additional validation to ensure that we're getting legitimate keys?
© Ask Ubuntu or respective owner