Bug #17133: Update our OpenPGP keys in 2020

Bug #17133

Update our OpenPGP keys in 2020

Added by intrigeri 2019-10-08 13:21:24 . Updated 2020-05-08 08:46:08 .

Status:

Confirmed

Priority:

High

Assignee:

intrigeri

Category:

Target version:

Tails_4.7

Start date:

Due date:

% Done:

Feature Branch:

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

What we’re supposed to do each year:

Bump the master key’s expiration date by 1 year.
Generate a new signing subkey for each RM, and move it onto new smartcards (the old ones are still needed to keep the previous subkey during the transition period).
If needed, generate and split a revocation certificate for our signing key. See internal.git for details.
Update the public key in wiki/src/tails-signing.key.
Update references to the public key at least in wiki/src/doc/about/openpgp_keys.mdwn.
Create a ticket about updating our OpenPGP keys next year.

To be done at the summit during northern hemisphere Spring.

Subtasks

Related issues

Related to Tails - ~~Feature #15890~~: Update our OpenPGP keys in 2019

Resolved

2018-09-01

History

#1 Updated by intrigeri 2019-10-08 13:23:33

Assignee set to intrigeri
Priority changed from Normal to High

On ~~Feature #15890~~, I postponed the key only up to October 2020, hoping we will have a summit in Spring where we can bump it again and replace our subkeys (some of them will be almost 3 years old once we’re there). So for now I’ll keep this on my radar for next Spring.

#2 Updated by intrigeri 2019-10-08 13:24:53

related to ~~Feature #15890~~: Update our OpenPGP keys in 2019 added

#3 Updated by intrigeri 2020-03-08 15:20:16

related to #17391 added

#4 Updated by intrigeri 2020-04-07 08:32:10

Target version changed from Tails_4.5 to Tails_4.6

#5 Updated by CyrilBrulebois 2020-05-06 04:28:56

Target version changed from Tails_4.6 to Tails_4.7