On Jul 19, 2017 08:43, "Matt Sicker" <[email protected]> wrote:
On 18 July 2017 at 15:02, Stefan Bodewig <[email protected]> wrote: > > We shouldn't remove any key that has been used to sign a release in the > past. No matter how long in the past :-) > What about expired keys? Can't those still be used to validate old releases? Gary -- Matt Sicker <[email protected]>
