... | ... | @@ -1624,7 +1624,10 @@ already being discussed in [tpo/tpa/team#29671](https://gitlab.torproject.org/tp |
|
|
|
|
|
Finally, note that OpenPGP keys are not permanent: they can be
|
|
|
revoked, or expired. Dealing with this problem has its specific [set
|
|
|
of solutions](https://karl.kornel.us/2017/10/welp-there-go-my-git-signatures/) as well.
|
|
|
of solutions](https://karl.kornel.us/2017/10/welp-there-go-my-git-signatures/) as well. GitHub [marks signatures as verified](https://github.blog/changelog/2022-05-31-improved-verification-of-historic-git-commit-signatures/) for
|
|
|
expired or revoked (but not compromised) keys, but has a special
|
|
|
mouse-over showing exactly what's going on with that key, which seems
|
|
|
like a good compromise.
|
|
|
|
|
|
### Related
|
|
|
|
... | ... | |