+ <listitem><para><option>By-Hash</option> (<option>by-hash</option>)
+ can have the value <literal>yes</literal>, <literal>no</literal>
+ or <literal>force</literal> and controls if APT should try to
+ acquire indexes via a URI constructed from a hashsum of the
+ expected file instead of using the well-known stable filename
+ of the index. Using this can avoid hashsum mismatches, but
+ requires a supporting mirror. A <literal>yes</literal> or
+ <literal>no</literal> value activates/disables the use of this
+ feature if this source indicates support for it, while
+ <literal>force</literal> will enable the feature regardless of
+ what the source indicates. Defaults to the value of the option
+ of the same name for a specific index file defined in the
+ <option>Acquire::IndexTargets</option> scope, which itself
+ defaults to the value of configuration option
+ <option>Acquire::By-Hash</option> which defaults to
+ <literal>yes</literal>.
+ </para></listitem>
+
+ </itemizedlist>
+
+ Furthermore, there are options which if set affect
+ <emphasis>all</emphasis> sources with the same URI and Suite, so they
+ have to be set on all such entries and can not be varied between
+ different components. APT will try to detect and error out on such
+ anomalies.
+
+ <itemizedlist>
+ <listitem><para><option>Allow-Insecure</option> (<option>allow-insecure</option>),
+ <option>Allow-Weak</option> (<option>allow-weak</option>) and
+ <option>Allow-Downgrade-To-Insecure</option> (<option>allow-downgrade-to-insecure</option>)
+ are boolean values which all default to <literal>no</literal>.
+ If set to <literal>yes</literal> they circumvent parts of &apt-secure;
+ and should therefore not be used lightly!
+ </para></listitem>
+
+ <listitem><para><option>Trusted</option> (<option>trusted</option>)
+ is a tri-state value which defaults to APT deciding if a source
+ is considered trusted or if warnings should be raised before e.g.
+ packages are installed from this source. This option can be used
+ to override that decision. The value <literal>yes</literal> tells APT
+ always to consider this source as trusted, even if it doesn't pass
+ authentication checks. It disables parts of &apt-secure;, and should
+ therefore only be used in a local and trusted context (if at all) as
+ otherwise security is breached. The value <literal>no</literal> does
+ the opposite, causing the source to be handled as untrusted even if
+ the authentication checks passed successfully. The default value can't
+ be set explicitly.
+ </para></listitem>
+
+ <listitem><para><option>Signed-By</option> (<option>signed-by</option>)
+ is either an absolute path to a keyring file (has to be
+ accessible and readable for the <literal>_apt</literal> user,
+ so ensure everyone has read-permissions on the file) or one or
+ more fingerprints of keys either in the
+ <filename>trusted.gpg</filename> keyring or in the
+ keyrings in the <filename>trusted.gpg.d/</filename> directory
+ (see <command>apt-key fingerprint</command>). If the option is
+ set, only the key(s) in this keyring or only the keys with these
+ fingerprints are used for the &apt-secure; verification of this
+ repository. Defaults to the value of the option with the same name
+ if set in the previously acquired <filename>Release</filename> file.
+ Otherwise all keys in the trusted keyrings are considered valid
+ signers for this repository.
+ </para></listitem>
+
+ <listitem><para><option>Check-Valid-Until</option> (<option>check-valid-until</option>)
+ is a yes/no value which controls if APT should try to detect
+ replay attacks. A repository creator can declare a time until
+ which the data provided in the repository should be considered valid,
+ and if this time is reached, but no new data is provided, the data
+ is considered expired and an error is raised. Besides
+ increasing security, as a malicious attacker can't send old data
+ forever to prevent a user from upgrading to a new version,
+ this also helps users identify mirrors which are no longer
+ updated. However, some repositories such as historic archives
+ are not updated any more by design, so this check can be
+ disabled by setting this option to <literal>no</literal>.
+ Defaults to the value of configuration option
+ <option>Acquire::Check-Valid-Until</option> which itself
+ defaults to <literal>yes</literal>.
+ </para></listitem>
+
+ <listitem><para><option>Valid-Until-Min</option>
+ (<option>valid-until-min</option>) and
+ <option>Valid-Until-Max</option>
+ (<option>valid-until-max</option>) can be used to raise or
+ lower the time period in seconds in which the data from this
+ repository is considered valid. -Max can be especially useful
+ if the repository provides no Valid-Until field on its Release
+ file to set your own value, while -Min can be used to increase
+ the valid time on seldom updated (local) mirrors of a more
+ frequently updated but less accessible archive (which is in the
+ sources.list as well) instead of disabling the check entirely.
+ Default to the value of the configuration options
+ <option>Acquire::Min-ValidTime</option> and
+ <option>Acquire::Max-ValidTime</option> which are both unset by
+ default.
+ </para></listitem>
+
+ </itemizedlist>
+
+ </para>