Update our OpenPGP keys in 2019
What we’re supposed to do each year:
- Bump the master key’s expiration date by 1 year.
- Generate a new signing subkey for each RM, and move it onto new smartcards (the old ones are still needed to keep the previous subkey during the transition period).
- If needed, generate and split a revocation certificate for our signing key. See internal.git for details.
- Update the public key in
wiki/src/tails-signing.key
. - Update references to the public key at least in
wiki/src/doc/about/openpgp_keys.mdwn
. - Create a ticket about updating our OpenPGP keys next year.
To be done at the summit during northern hemisphere summer.
Subtasks
Related issues
- Related to #16327 (closed)
- Related to #17133
- Copied from #14484 (closed)
Original created by @intrigeri on 15890 (Redmine)