#19737: gpg/gk.gpg and gpg/torbutton.gpg are expired since 2016-07-19 --------------------------------------+-------------------------- Reporter: dcf | Owner: tbb-team Type: defect | Status: new Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: tbb-gitian | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------------------+--------------------------
Comment (by dcf): I worked around it by copying gk's current key on top of gpg/gk.gpg and gpg/torbutton.gpg. I tried using `--trust-model always` but that doesn't work because "this trust model still does not allow the use of expired, revoked, or disabled keys." Maybe it would work to migrate to using [https://www.gnupg.org/documentation/manuals/gnupg/gpgv.html gpgv], because it "assumes that all keys in the keyring are trustworthy ... it does not check for expired or revoked keys." -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19737#comment:3> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs