Actions
Issue #2245
openSeparate the gpg keys from the releases
Start date:
04/29/2021
Due date:
% Done:
0%
Estimated time:
Resolution:
Device:
Not device specific
Grant:
Type of work:
Build system integration, System administration
Updated by Denis 'GNUtoo' Carikli over 3 years ago
Several developers involved in releases (at least me and Wolfgang) use gpg keys that do expire from time to time.
This means that before the key expires, we have to update it and send the updated key to key servers.
As the keys are published as part of the releases, at some point they become expired.
So we probably need to separate the keys from the releases.
We already had the issue once with the 0003 images: https://ftp.osuosl.org/pub/replicant/images/replicant-6.0/0003-update/security/README.txt but we will have it way more often and it would be a good idea not to have to update each releases keys in this way but do only in once and regularly.
Actions