On Fri, May 09, 2025 at 12:57:41PM -0700, Vagrant Cascadian wrote: > On 2025-05-09, Ludovic Courtès wrote: > > To avoid problems, I suggest you send your account name as a public > > reply to this message, in a signed message. > > I have noticed that several of the replies have expired keys, and I have > not found the updated keys on keyservers. > > I usually have pulled key updates from savannah: > > > https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=guix&download=1 > > But after having done so, several keys still show as expired. > > Additionally, I have not successfully verified any of the keys with > in-lined signatures, though perhaps those are also expired keys as > well...
I've been using the home-parcimonie-service and so I guess it's been
working for me.
I also have this snippet installed to ~/bin/update-guix-keyring to fetch
any changes from Savannah and I run it once a week.
(define %update-guix-gpg-keyring
(program-file
"update-guix-members-gpg-keys"
#~(let ((gpg-keyring (tmpnam))
(keyring-file
"https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=guix&download=1";))
((@ (guix build download) url-fetch) keyring-file gpg-keyring)
(system* "gpg" "--import" gpg-keyring)
;; Clean up after ourselves.
(delete-file gpg-keyring))))
--
Efraim Flashner <efr...@flashner.co.il> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
signature.asc
Description: PGP signature
