Expired Patrick Key, is there proof new key is Patrick?

I recently got the GPG error: tor+https://deb.whonix.org trixie InRelease: The following signatures were invalid: EXPKEYSIG CB8D50BB77BB3C48 Patrick Schleizer adrelanos@kicksecure.com.

I keep Patrick’s key in Kleopatra and other places because I use Whonix all the time. I’ve never gotten this error before, but it looks like Patrick’s key expired on 1/23/26. I read the part about curling Patrick’s new key and can do that.

@Patrick, do you have any way to sign your new key with your old expired key so it’s clear it’s you? Or if there is a better, more customary way to check, that would be great. Or if that already happened, can someone link to it? I tried to find the answer in the documentation.

Call me paranoid, but I just want to make sure Patrick’s new key isn’t controlled by someone else.

The key’s lifetime was extended before it expired, but wasn’t published everywhere. If you look at the fingerprint of the “old key” and the fingerprint of the “new key” using gpg --import --import-options=show-only /path/to/key, you’ll see that they have identical fingerprints.

2 Likes
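
The fingerprint comparison described in the answer above, as an added example (not part of the original posts and not Whonix project code). It runs the same show-only listing with gpg's machine-readable `--with-colons` output; the function names are hypothetical and the sample listing is constructed.

```shell
#!/bin/sh
# Added example: compare the primary-key fingerprint of two key files
# without importing either one into the keyring.

# Read `gpg --with-colons` output on stdin; print "<fingerprint> <expiry>"
# for each primary key. Subkey fingerprints are skipped.
primary_key_info() {
    awk -F: '
        $1 == "pub" { want = 1; expiry = ($7 == "" ? "never" : $7); next }
        $1 == "sub" { want = 0; next }
        $1 == "fpr" && want { print $10, expiry; want = 0 }
    '
}

# List a key file in show-only mode (nothing is written to the keyring).
show_key() {
    gpg --batch --with-colons --import-options show-only --import "$1" \
        2>/dev/null | primary_key_info
}

# True when both "<fingerprint> <expiry>" strings name the same primary key.
same_primary_key() {
    old_fpr=${1%% *}
    new_fpr=${2%% *}
    [ -n "$old_fpr" ] && [ "$old_fpr" = "$new_fpr" ]
}

# Constructed sample listing (fingerprint and dates are made up).
sample_listing() {
    printf '%s\n' \
        "pub:-:4096:1:89ABCDEF01234567:1400000000:$1::-:::scESC:" \
        "fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:" \
        "uid:-::::1400000000::::Example Signer <signer@example.org>:" \
        "sub:-:4096:1:1111111111111111:1400000000:$1:::::e:" \
        "fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:"
}

if [ "$#" -eq 2 ]; then
    old=$(show_key "$1"); new=$(show_key "$2")
    echo "old: $old"; echo "new: $new"
    if same_primary_key "$old" "$new"; then
        echo "Same primary key; only the self-signature (expiry) differs."
    else
        echo "Different primary keys." >&2; exit 1
    fi
fi
```

The expiry date lives in a self-signature made by the primary key, so extending it leaves the fingerprint unchanged. The comparison only carries weight when the "old" file is a copy you already trusted, such as an export from your existing keyring.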