* The inclusion of the secured tree is now controlled by the

SECURED environment variable. It is *disabled* by default
  (thanks to jgg who doesn't want to correct apt even if he
  proposed the current scheme)
* Priority optional (same than in the overrides)

CONF.sh

@@ -65,6 +65,11 @@ export APTTMP=/ftp/tmp/apt
 # containing dists/$CODENAME/local/binary-$ARCH
 # export LOCALDEBS=/home/joey/debian/va/debian
 
+# If you want a <codename>-secured tree with a copy of the signed
+# Release.gpg and files listed by this Release file, then
+# uncomment this line
+# export SECURED=1
+
 # Sparc only : bootdir (location of cd.b and second.b)
 # export BOOTDIR=/boot
 

debian/CONF.sh

@@ -60,6 +60,11 @@ export APTTMP=/home/ftp/tmp/apt
 # containing dists/$CODENAME/local/binary-$ARCH
 # export LOCALDEBS=/home/joey/debian/va/debian
 
+# If you want a <codename>-secured tree with a copy of the signed
+# Release.gpg and files listed by this Release file, then
+# uncomment this line
+# export SECURED=1
+
 # Sparc only : bootdir (location of cd.b and second.b)
 # export BOOTDIR=/boot
 

debian/control

@@ -1,6 +1,6 @@
 Source: debian-cd
 Section: contrib/admin
-Priority: extra
+Priority: optional
 Maintainer: Raphael Hertzog <hertzog@debian.org>
 Build-Depends: debhelper
 Standards-Version: 3.5.2

tools/add_secured

@@ -44,6 +44,8 @@ fi
 # Create the $CODENAME-secured tree by copying files from the mirror
 # And including the Release file and its signature 
 
+if [ -n "$SECURED" ]; then
+
 test -d "dists/$CODENAME-secured" || mkdir dists/$CODENAME-secured
 if [ -e "$MIRROR/dists/$CODENAME/Release" ]; then
     # Copy Release and Release.gpg files
@@ -88,3 +90,5 @@ if [ -n "$NONUS" -a -e "$NONUS/dists/$CODENAME/non-US/Release" ]; then
     ln -sf ../files.list.gz dists/$CODENAME-secured/non-US/files.list.gz
 fi
 
+
+fi # if secured