Debian Secure APT Keys for Third-Party Repositories

In most (if not all) installation instructions for Debian Third-Party repositories you will find a sentence like this:

wget -O - https://packages.example.com/example.key | apt-key add -

This allows the package maintainers key to sign ALL Debian packages, not only the packages from their repository. I’m not sure why this is still so common when a more secure alternative exists.

Read on