securedrop
securedrop copied to clipboard
Phase out old signing key in `securedrop-admin`
securedrop-admin
currently still trusts the old signing key for releases. It's been more than a year since the full key rotation (not to be confused with the recent expiry bump), so I think this can be safely phased out:
https://github.com/freedomofpress/securedrop/blob/2f2db872f60bbc9024e0b35b8ebcdc2f5695acb2/admin/securedrop_admin/init.py#L49-L55
Yup, tis an easy fix/test, adding to 2.5.0