#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: apt-doc 1.3~exp2\n"
+"Project-Id-Version: apt-doc 1.3~exp3\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
-"POT-Creation-Date: 2016-06-11 17:24+0200\n"
+"POT-Creation-Date: 2016-06-22 14:50+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
#: apt-get.8.xml:1
msgid ""
"Forbid the update command to acquire unverifiable data from configured "
-"sources. Apt will fail at the update command for repositories without valid "
-"cryptographically signatures. Configuration Item: "
+"sources. APT will fail at the update command for repositories without valid "
+"cryptographically signatures. See also &apt-secure; for details on the "
+"concept and the implications. Configuration Item: "
"<literal>Acquire::AllowInsecureRepositories</literal>."
msgstr ""
"Starting with version 0.6, <command>APT</command> contains code that does "
"signature checking of the Release file for all repositories. This ensures "
"that data like packages in the archive can't be modified by people who have "
-"no access to the Release file signing key."
+"no access to the Release file signing key. Starting with version 1.1 "
+"<command>APT</command> requires repositories to provide recent "
+"authentication information for unimpeded usage of the repository."
msgstr ""
#. type: Content of: <refentry><refsect1><para>
#: apt-secure.8.xml:1
msgid ""
"If an archive has an unsigned Release file or no Release file at all current "
-"APT versions will raise a warning in <command>update</command> operations "
-"and front-ends like <command>apt-get</command> will require explicit "
-"confirmation if an installation request includes a package from such an "
-"unauthenticated archive."
+"APT versions will refuse to download data from them by default in "
+"<command>update</command> operations and even if forced to download "
+"front-ends like &apt-get; will require explicit confirmation if an "
+"installation request includes a package from such an unauthenticated "
+"archive."
msgstr ""
#. type: Content of: <refentry><refsect1><para>
#: apt-secure.8.xml:1
msgid ""
-"In the future APT will refuse to work with unauthenticated repositories by "
-"default until support for them is removed entirely. Users have the option to "
-"opt-in to this behavior already by setting the configuration option "
-"<option>Acquire::AllowInsecureRepositories</option> to "
-"<literal>false</literal>."
+"As a temporary exception &apt-get; (not &apt;!) raises warnings only if it "
+"encounters unauthenticated archives to give a slightly longer grace period "
+"on this backward compatibility effecting change. This exception will be "
+"removed in future releases and you can opt-out of this grace period by "
+"setting the configuration option "
+"<option>Binary::apt-get::Acquire::AllowInsecureRepositories</option> to "
+"<literal>false</literal> or "
+"<option>--no-allow-insecure-repositories</option> on the command line."
+msgstr ""
+
+#. type: Content of: <refentry><refsect1><para>
+#: apt-secure.8.xml:1
+msgid ""
+"You can force all APT clients to raise only warnings by setting the "
+"configuration option <option>Acquire::AllowInsecureRepositories</option> to "
+"<literal>true</literal>. Individual repositories can also be allowed to be "
+"insecure via the &sources-list; option "
+"<literal>allow-insecure=yes</literal>. Note that insecure repositories are "
+"strongly discouraged and all options to force apt to continue supporting "
+"them will eventually be removed. Users also have the "
+"<option>Trusted</option> option available to disable even the warnings, but "
+"be sure to understand the implications as detailed in &sources-list;."
+msgstr ""
+
+#. type: Content of: <refentry><refsect1><para>
+#: apt-secure.8.xml:1
+msgid ""
+"A repository which previously was authentication but would loose this state "
+"in an <command>update</command> operation raises an error in all APT clients "
+"irrespective of the option to allow or forbid usage of insecure "
+"repositories. The error can be overcome by additionally setting "
+"<option>Acquire::AllowDowngradeToInsecureRepositories</option> to "
+"<literal>true</literal> or for Individual repositories with the "
+"&sources-list; option <literal>allow-downgrade-to-insecure=yes</literal>."
msgstr ""
#. type: Content of: <refentry><refsect1><para>
#: apt.conf.5.xml:1
msgid ""
"<literal>Acquire::http::Proxy-Auto-Detect</literal> can be used to specify "
-"an external command to discover the http proxy to use. Apt expects the "
-"command to output the proxy on stdout in the style "
-"<literal>http://proxy:port/</literal>. This will override the generic "
-"<literal>Acquire::http::Proxy</literal> but not any specific host proxy "
-"configuration set via <literal>Acquire::http::Proxy::$HOST</literal>. See "
-"the &squid-deb-proxy-client; package for an example implementation that uses "
-"avahi. This option takes precedence over the legacy option name "
+"an external command to discover the http proxy to use. The first and only "
+"parameter is an URI denoting the host to be contacted to allow for "
+"host-specific configuration. APT expects the command to output the proxy on "
+"stdout as a single line in the style <literal>http://proxy:port/</literal> "
+"or the word <literal>DIRECT</literal> if no proxy should be used. No output "
+"indicates that the generic proxy settings should be used. Note that "
+"auto-detection will not be used for a host if a host-specific proxy "
+"configuration is already set via "
+"<literal>Acquire::http::Proxy::<replaceable>HOST</replaceable></literal>. "
+"See the &squid-deb-proxy-client; package for an example implementation that "
+"uses avahi. This option takes precedence over the legacy option name "
"<literal>ProxyAutoDetect</literal>."
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt.conf.5.xml:1
msgid ""
-"Allow the update operation to load data files from a repository without a "
-"trusted signature. If enabled this option no data files will be loaded and "
-"the update operation fails with a error for this source. The default is "
-"false for backward compatibility. This will be changed in the future."
+"Allow update operations to load data files from repositories without "
+"sufficient security information. The default value is "
+"\"<literal>false</literal>\". Concept, implications as well as alternatives "
+"are detailed in &apt-secure;."
+msgstr ""
+
+#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: apt.conf.5.xml:1
+msgid ""
+"Allow update operations to load data files from repositories which provide "
+"security information, but these are deemed no longer cryptographically "
+"strong enough. The default value is \"<literal>false</literal>\". Concept, "
+"implications as well as alternatives are detailed in &apt-secure;."
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
#: apt.conf.5.xml:1
msgid ""
"Allow that a repository that was previously gpg signed to become unsigned "
-"durign a update operation. When there is no valid signature of a previously "
-"trusted repository apt will refuse the update. This option can be used to "
-"override this protection. You almost certainly never want to enable "
-"this. The default is false. Note that apt will still consider packages from "
-"this source untrusted and warn about them if you try to install them."
+"during an update operation. When there is no valid signature for a "
+"previously trusted repository apt will refuse the update. This option can be "
+"used to override this protection. You almost certainly never want to enable "
+"this. The default is <literal>false</literal>. Concept, implications as "
+"well as alternatives are detailed in &apt-secure;."
msgstr ""
#. type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
"detect and error out on such anomalies."
msgstr ""
+#. type: Content of: <refentry><refsect1><para><itemizedlist><listitem><para>
+#: sources.list.5.xml:1
+msgid ""
+"<option>Allow-Insecure</option> (<option>allow-insecure</option>), "
+"<option>Allow-Weak</option> (<option>allow-weak</option>) and "
+"<option>Allow-Downgrade-To-Insecure</option> "
+"(<option>allow-downgrade-to-insecure</option>) are boolean values which all "
+"default to <literal>no</literal>. If set to <literal>yes</literal> they "
+"circumvent parts of &apt-secure; and should therefore not be used lightly!"
+msgstr ""
+
#. type: Content of: <refentry><refsect1><para><itemizedlist><listitem><para>
#: sources.list.5.xml:1
msgid ""