GitLab

What we’re supposed to do each year:

• Bump the master key’s expiration date by 1 year.
• Generate a new signing subkey for each RM, and move it onto new smartcards (the old ones are still needed to keep the previous subkey during the transition period).
• If needed, generate and split a revocation certificate for our signing key. See internal.git for details.
• Update the public key in wiki/src/tails-signing.key.
• Update references to the public key at least in wiki/src/doc/about/openpgp_keys.mdwn.
• Create an issue about updating our OpenPGP keys next year.

To be done at the summit during northern hemisphere Spring.