You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2016/04/20 14:19:07 UTC

[Bug 59359] New: (Task) Extend validity period for signing KEY - before next release

https://bz.apache.org/bugzilla/show_bug.cgi?id=59359

            Bug ID: 59359
           Summary: (Task) Extend validity period for signing KEY - before
                    next release
           Product: Taglibs
           Version: nightly
          Hardware: PC
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Standard Taglib
          Assignee: dev@tomcat.apache.org
          Reporter: knst.kolinko@gmail.com

Thread on users@tomcat, "pgp-keys jsp taglibs", 2016-04
http://tomcat.markmail.org/thread/keajyd3iq2tfrjr7

Just a reminder.

$ gpg --list-keys A7A0233C

pub   2048R/A7A0233C 2012-02-25 [expired: 2016-02-25]
uid                  Jeremy Boynes <jb...@apache.org>


The declared validity period for the key (the one in the KETS file on download
server) has passed.

It is OK for past releases, but for a new release something has to be done
here.

It is possible to extends the validity period for an existing key. Links:

http://unix.stackexchange.com/questions/177291/how-to-renew-an-expired-keypair-with-gpg

http://superuser.com/questions/813421/can-you-extend-the-expiration-date-of-an-already-expired-gpg-key

https://help.riseup.net/en/security/message-security/openpgp/best-practices#use-an-expiration-date-less-than-two-years

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org