On Sun, Mar 04, 2018 at 05:31:59PM +0300, [email protected] wrote:
> Interesting. Here is link to pgp.mit.edu[0], where there is signature
> from <gq> is mentioned. So, maybe there is issue with servers
> synchronization?
> 
> [0]: https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2E20FEEE71FC7D81

No clue.

> Maybe it worth documenting, from what exactly keyserver does nm.debian.org
> fetch information?

The webapp default is pool.sks-keyservers.net, but the deployed thing
may use a different setting I can't see (as I don't have access to it).

I have done a --recv-keys from pgp.mit.edu and pushed to sks-keyservers
and then triggered a refresh on nm.d.o, and it's now shown.

> > So I can only confirm that:
> > [...]
> > 2) your key is about to expire very soon.
> 
> What constitutes 'very soon'? My expires in two months. Is it considered
> soon? And if it is, what expiration time is recommended?

Two months is definitely two short.  Remember that the live debian
keyring is updated only once ever month, in a irregolar day, so if you
keep such a short expiry you *will* end up with a expired key in the
keyring (therefore blocking your GPG access throughout the
infrastructure).

-- 
regards,
                        Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540      .''`.
more about me:  https://mapreri.org                             : :'  :
Launchpad user: https://launchpad.net/~mapreri                  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-

Attachment: signature.asc
Description: PGP signature

Reply via email to