[Bug 59359] New: (Task) Extend validity period for signing KEY - before next release

bugzilla Wed, 20 Apr 2016 05:19:54 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=59359


            Bug ID: 59359
           Summary: (Task) Extend validity period for signing KEY - before
                    next release
           Product: Taglibs
           Version: nightly
          Hardware: PC
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Standard Taglib
          Assignee: [email protected]
          Reporter: [email protected]

Thread on users@tomcat, "pgp-keys jsp taglibs", 2016-04
http://tomcat.markmail.org/thread/keajyd3iq2tfrjr7

Just a reminder.

$ gpg --list-keys A7A0233C

pub   2048R/A7A0233C 2012-02-25 [expired: 2016-02-25]
uid                  Jeremy Boynes <[email protected]>


The declared validity period for the key (the one in the KETS file on download
server) has passed.

It is OK for past releases, but for a new release something has to be done
here.

It is possible to extends the validity period for an existing key. Links:

http://unix.stackexchange.com/questions/177291/how-to-renew-an-expired-keypair-with-gpg

http://superuser.com/questions/813421/can-you-extend-the-expiration-date-of-an-already-expired-gpg-key

https://help.riseup.net/en/security/message-security/openpgp/best-practices#use-an-expiration-date-less-than-two-years

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[Bug 59359] New: (Task) Extend validity period for signing KEY - before next release

Reply via email to