Update our OpenPGP keys in 2021
What we’re supposed to do each year:
- Bump the master key’s expiration date by 1 year.
- Generate a new signing subkey for each RM, and move it onto new smartcards (the old ones are still needed to keep the previous subkey during the transition period).
- If needed, generate and split a revocation certificate for our signing key. See internal.git for details.
- Update the public key in
- Update references to the public key at least in
- Create an issue about updating our OpenPGP keys next year.
To be done at the summit during northern hemisphere Spring.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information