Monitor the validity of all OpenPGP keys shipped with Tails
Sysadmins currently do not have an automated monitoring of the validity of OpenPGP keys shipped with Tails. What currently happens is that developers get notified with 1 month in advance by the Tails test suite, and then they have to notify sysadmins to take care of this.
We should add such monitoring to the Tails infrastructure monitoring system.
Note that the current test in tails.git failed to notice one corner case scenario that already occurred: extending the validity of a master key but letting the encryption subkey expire (#17887 (comment 183587)). It would be sweet if the new monitoring check took care of this too.