Separate the gpg keys from the releases
Updated by Denis 'GNUtoo' Carikli 5 months ago
Several developers involved in releases (at least me and Wolfgang) use gpg keys that do expire from time to time.
This means that before the key expires, we have to update it and send the updated key to key servers.
As the keys are published as part of the releases, at some point they become expired.
So we probably need to separate the keys from the releases.
We already had the issue once with the 0003 images: https://ftp.osuosl.org/pub/replicant/images/replicant-6.0/0003-update/security/README.txt but we will have it way more often and it would be a good idea not to have to update each releases keys in this way but do only in once and regularly.