Doc: Installation guide should avoid using apt-key

[taxmeifyoucan]

Installation guide suggest downloading PGP key of the maintainer from a keyserver and then adding it as trusted key using apt-key. This is easy and clear way of adding the repository, however apt-key is being deprecated since it can enable certain security vulnerabilities. In the future releases of Debian/Ubuntu, it won't be supported and docs should adopt another way of adding the repo.

Seems like a proper way would be to copy the gpg file to keyrings directory and refer to it in the deb repo sources.list, e.g. Brave offers pretty simple instructions which seem correct.

I am interested in your opinion, maybe it is not a considerable security issue but the software deprecation should be taken into account for the future.

[Kixunil]

Yep, it is definitely planned for bullseye to change the doc. It's definitely not a security issue (all packages have root anyway). My understanding is that the Debian team considers it a cleaner approach (easier to manage the keys) and I agree with this.