Actions
Issue #2248
openEnable more easy updating of release keys
Start date:
05/03/2021
Due date:
% Done:
0%
Estimated time:
Resolution:
Device:
Not device specific
Grant:
Type of work:
System administration, Wiki editions
Updated by Denis 'GNUtoo' Carikli over 3 years ago
Wolfgang wiedmeyer's key and me (in a bigger extent) have chosen to have expiration dates on our GPG keys.
This is a really good practice for security and it at least would enable me to more easily cope with the loss of my key: if I loose access to it at some point it will just expire and I will stop receiving mails that I can't decrypt anymore.
However we currently publish key the way they are at the time of the releases.
We probably need to create a new directory with all the public gpg keys having signed releases and keep updating them somehow and point to the last version of the key in the installation instructions.
Actions