From: pkern@debian.org 
  
 On 2025-10-30 13:52, Adrian Bunk wrote: 
 > On Mon, Oct 27, 2025 at 09:38:04AM +0000, MOESSBAUER, Felix wrote: 
 >> ... 
 >> Regarding checksums: I'm wondering if the uniqueness of 
 >> name/version/arch triplets just refers to the content of a package, or 
 >> also to the .dsc file with its signature. IOW: Should it be allowed to 
 >> re-sign a .dsc file without changing the version? Here, I'm also 
 >> considering the case that a package is copied from debian-security to 
 >> debian. 
 > 
 > This shouldn't happen. 
 > 
 > Importing packages from debian-security to (old)stable is basically an 
 > upload, and you need the signature of the uploader for that. 
  
 Because it is, it can change because it might need resigning because the 
 original signer's key might not (currently) be valid at the point of 
 copy. 
  
 Kind regards 
 Philipp Kern 
  
 --- SoupGate-Win32 v1.05 
  * Origin: you cannot sedate... all the things you hate (1:229/2)