Update debian repository instructions
As well as the 'deb.torproject.org-keyring' package to use the signing key in a more secure manner. the problem is that "apt-key add -" saves the key to /etc/apt/trusted.gpg.d/, and apt tries all the keys stored there to verify signatures of all repos.
third party repos should use /usr/share/keyrings/ for (non-ASCII-armored) keyrings and explicitly pin their repo to their own keyring, e.g.
deb [arch=amd64 signed-by=/usr/share/keyrings/tor_keyring.gpg] https://...
more on this can be found here: