Feature #14484
Update our OpenPGP keys in 2018
Start date:
2017-09-01
Due date:
% Done:
100%
Description
What we’re supposed to do each year:
- Bump the master key’s expiration date by 1 year.
- Generate a new signing subkey for each RM, and move it onto new smartcards (the old ones are still needed to keep the previous subkey during the transition period).
- If needed, generate and split a revocation certificate for our signing key. See internal.git for details.
- Create a ticket about updating our OpenPGP keys next year.
To be done at the summit during northern hemisphere summer.
Subtasks
Feature #14582: Ensure we have enough OpenPGP smartcard/GNUK hardware for our 2018 keys update | Resolved | 100 |
Related issues
Related to Tails - |
Resolved | 2016-08-30 | |
Blocks Tails - |
Resolved | 2018-02-20 | |
Copied to Tails - |
Resolved | 2018-09-01 |
History
#1 Updated by intrigeri 2017-08-28 17:10:05
- related to
Feature #11747: Update our OpenPGP keys in 2017 added
#2 Updated by intrigeri 2017-09-01 12:40:32
- Description updated
Let’s try not to forget the master key next year..
#3 Updated by intrigeri 2018-08-31 04:27:50
- Status changed from Confirmed to In Progress
- Type of work changed from Sysadmin to Code
#4 Updated by intrigeri 2018-09-01 09:49:49
- blocks
Feature #15334: Core work 2018Q3: Foundations Team added
#5 Updated by intrigeri 2018-09-01 09:50:25
- copied to
Feature #15890: Update our OpenPGP keys in 2019 added
#6 Updated by intrigeri 2018-09-01 09:51:45
- Feature Branch set to bugfix/14484-update-openpgp-signing-key
#7 Updated by intrigeri 2018-09-01 09:59:37
- Assignee changed from intrigeri to sajolida
- QA Check set to Ready for QA
Can you please review this by Monday night? Otherwise I’ll merge this myself (otherwise we’ll make upgrades harder than they should be for some users).
#8 Updated by sajolida 2018-09-02 09:15:57
- Status changed from In Progress to Resolved
- Assignee deleted (
sajolida) - QA Check deleted (
Ready for QA)
It all looks good! Merged.