From 593a02a02fbd2abe6f493bee3dd8a4764390b351 Mon Sep 17 00:00:00 2001
From: root <holta@users.noreply.github.com>
Date: Mon, 26 Apr 2021 09:17:31 -0400
Subject: [PATCH] CLARIF: /etc/apt/trusted.gpg.d is considered insecure

---
 scripts/ansible | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/scripts/ansible b/scripts/ansible
index db5e13737..b8e237956 100755
--- a/scripts/ansible
+++ b/scripts/ansible
@@ -92,7 +92,8 @@ if [ ! -f /etc/debian_version ]; then    # e.g. RaspiOS, Ubuntu, Mint & Debian
     exit 1
 fi
 
-# 2021-04-26: JV & @holta WIP. The apt-key command is dangerous and going away:
+# 2021-04-26: JV & @holta WIP.  The apt-key command is going away, and the past
+# practice of putting keys in /etc/apt/trusted.gpg.d is considered insecure:
 # https://www.linuxuprising.com/2021/01/apt-key-is-deprecated-how-to-add.html
 # So we put .gpg key in repo iiab/iiab, also for reliable installs/containers.