[09:37] <xnox> cjwatson, any idea what component of our infra creates http://archive.ubuntu.com/ubuntu/ubuntu/dists/yakkety/main/dist-upgrader-all/current/yakkety.tar.gz.gpg signature?
[09:37] <xnox> it's done with the old 2004 archive key, instead of the 2012 archive key.
[09:37] <xnox> opened https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1628852 for now, will talk to brian when he is online.
[09:37] <mup> Bug #1628852: upgrade tarballs are signed with deprecated 2004 key, instead of 2012 key <gnupg2> <ubuntu-release-upgrader (Ubuntu):New for brian-murray> <https://launchpad.net/bugs/1628852>
[09:39] <cjwatson> xnox: lp:ubuntu-archive-publishing publish-distro.d/10-sign-releases
[09:39] <cjwatson> xnox: I don't remember why *:*/dist-upgrader* is special-cased up top - maybe it wasn't clear whether it supported being signed with multiple keys
[09:39] <xnox> brilliant! will take a look.
[09:39] <cjwatson> xnox: anyway, ubuntu-archive-publishing is simple, I encourage you to hack it to fit
[09:40] <cjwatson> xnox: it's meant to be owned by Ubuntu rather than by the LP team
[09:40] <xnox> well, i think to support upgrades from precise -> trusty, things up to and including trusty should be signed with 2004 key. Things after trusty, should be just signed with the 2012 key.
[09:40] <xnox> cool!
[09:40] <cjwatson> perhaps it was something to do with that, yes
[09:40] <xnox> thank you, i had no idea about ubuntu-archive-publishing project =)