libressl/portable

libressl-3.8.3.tar.gz.asc key is expired?

orbea opened this issue · 5 comments

orbea commented

With the Gentoo ebuild.

[  ERROR] OpenPGP verification failed for <_io.BufferedReader name='/var/tmp/portage/dev-libs/libressl-3.8.3/distdir/libressl-3.8.3.tar.gz'> (sig in /var/tmp/portage/dev-libs/libressl-3.8.3/distdir/libressl-3.8.3.tar.gz.asc):
OpenPGP signature rejected because of expired key:
gpg: Signature made Sat 09 Mar 2024 08:34:40 PM UTC
gpg:                using RSA key 6F67522EC596C025B24549911FFAA0B24B708F96
gpg: Good signature from "keybase.io/busterb <busterb@keybase.io>" [expired]
gpg:                 aka "Brent Cook <busterb@gmail.com>" [expired]
gpg:                 aka "Brent Cook <bcook@openbsd.org>" [expired]
gpg: Note: This key has expired!
Primary key fingerprint: A1EB 079B 8D3E B92B 4EBD  3139 663A F51B D5E4 D8D5
     Subkey fingerprint: 6F67 522E C596 C025 B245  4991 1FFA A0B2 4B70 8F96

Am I doing something wrong?

busterb commented

Try updating to the latest key from https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl.asc

Or https://keybase.io/busterb/pgp_keys.asc?fingerprint=a1eb079b8d3eb92b4ebd3139663af51bd5e4d8d5

I submitted the updated key to MIT's keyserver too, but it's so slow and broken, I'm not sure it actually worked.

orbea commented

I was sure I did that already, but upon double checking that I had the right .asc file I see something went wrong so I tried again and now it works. Thanks for the help!

vszakats commented

pgpkeys.eu and keyserver.ubuntu.com continue serving expired keys.

@busterb: If not too much bother, can you upload the new key to these? It'd help replicating it faster to further servers.

busterb commented
  • ❤️1
vszakats commented

Thank you @busterb!