[Geany-Users] Geany's GPG key has expired?
elextr at xxxxx
Thu Jul 8 10:55:49 UTC 2021
I'm no GPG expert, but IIUC the fact that the key is expired doesn't
affect the ability to verify a signature as one of the components of
verification is that the signature happened before expiry.
Just that the key expiry will need to be extended before it is used to
sign the next release, but that is not your problem.
On Thu, 8 Jul 2021 at 20:13, Wandering Swordsman via Users
<users at lists.geany.org> wrote:
> I'm not that familiar with mailing lists so I hope I'm posting this correctly.
> I was trying to compile Geany with the geany-1.37.1.tar.gz from https://geany.org/download/releases/
> However when I downloaded the GPG Signature (geany-1.37.1.tar.gz.sig) and the GPG Key (colombanw-pubkey.txt) and compared them I got a "This key has expired!" warning.
> gpg --verify geany-1.37.1.tar.gz.sig geany-1.37.1.tar.gz
> gpg: Signature made Sun 08 Nov 2020 10:20:32 AM MST
> gpg: Good signature from "Colomban Wendling <ban at ban.netlib.re>" [expired]
> gpg: aka "Colomban Wendling <ban at herbesfolles.org>" [expired]
> gpg: aka "Colomban Wendling <lists.ban at herbesfolles.org>" [expired]
> gpg: Note: This key has expired!
> Users mailing list
> Users at lists.geany.org
More information about the Users