Stefan,

   Thank you for sharing this.  I'm afraid I'm not familiar with the
   debian dev process to look this up: do you know what avenues will be
   available for debian users to verify public keys?  Will there be
   signatures on the keyrings?