bug#35414: 26.2; ELPA packages signed with second, unknown key

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#35414: 26.2; ELPA packages signed with second, unknown key

From:	Stefan Kangas
Subject:	bug#35414: 26.2; ELPA packages signed with second, unknown key
Date:	Tue, 1 Oct 2019 00:02:49 +0200

Stefan Monnier <monnier@IRO.UMontreal.CA> writes:

>> No, the bug is that the signature verification should not signal an
>> error before September 2019 even if you don't have the new key.
>>
>> Could you remove the gnu-elpa-keyring-update package, and the 2019
>> key from your keyring and try and help us figure out why you get
>> those errors and I don't?
>
> Oh, wait, I see it now: I had set package-check-signature incorrectly.
> So, I can reproduce the problem now with
>
>     (setq package-check-signature t)
>
> It works correctly if you've set it to the default `allow-unsigned`.
>
> I think it's a mistake: `allow-unsigned` should mean to allow installing
> packages when they don't have a signature at all, and `t` should mean
> to allow installing if at least one of the sigs is verified rather than
> only if all the sigs are verified.
>
> But that ship has sailed, so I'm going to have to rethink the transition
> to the new key.  Damn!

What's the status on this?  Anything else that needs doing before 27.1?

Best regards,
Stefan Kangas

[Prev in Thread]

Current Thread

[Next in Thread]

bug#35414: 26.2; ELPA packages signed with second, unknown key, Stefan Kangas <=
- bug#35414: 26.2; ELPA packages signed with second, unknown key, Stefan Monnier, 2019/09/30

Prev by Date: bug#36981: 26.2; request: add searching by package name to list-packages
Next by Date: bug#35414: 26.2; ELPA packages signed with second, unknown key
Previous by thread: bug#32148: 27.0.50; Shell is getting characters when enlarging window
Next by thread: bug#35414: 26.2; ELPA packages signed with second, unknown key
Index(es):
- Date
- Thread