Re: Expired GPG keys of older release
- Date: Tue, 19 Jun 2018 13:48:23 -0700
- From: Don Armstrong <don@xxxxxxxxxx>
- Subject: Re: Expired GPG keys of older release
On Tue, 19 Jun 2018, Adam Cecile wrote:
> That's a pity, don't you think so ? I think Debian should renew the
> archive key, so we can still verify packages signatures.
You can still verify them. Key expiration doesn't make existing
signatures invalid. [Indeed, gpgv doesn't even check for expired keys.]
Don Armstrong https://www.donarmstrong.com
Where I sleep at night, is this important compared to what I read
during the day? What do you think defines me? Where I slept or what I
did all day?
-- Thomas Van Orden of Van Orden v. Perry