maflcko
commented
2 years ago Maybe remove inactive keys that haven't been used in 2 years as well? Can be added back when there is indication that they will be used again.
Closed laanwj closed 2 years ago
maflcko
commented
2 years ago Maybe remove inactive keys that haven't been used in 2 years as well? Can be added back when there is indication that they will be used again.
laanwj
commented
2 years ago That's much more dangerous (it can break the website update again because it will fail to validate the current commits) so I will leave that to a future change, possibly pending changes to the verify-commits scripts to allow specifying a last valid commit.
TheBlueMatt
commented
2 years ago You should just be able to change https://github.com/bitcoin-core/bitcoincore.org/blob/master/contrib/verify-commits/trusted-git-root to whatever the last merge commit was that the to-be-removed-key signed.
katesalazar
commented
2 years ago ACK 4c61014da3bb438a01eeff609f987e317e6f751f
katesalazar
commented
2 years ago ACK 4c61014da3bb438a01eeff609f987e317e6f751f
harding
commented
2 years ago ACK 4c61014da3bb438a01eeff609f987e317e6f751f . Verified the same keyid appears in the bitcoin repository. Thanks!
Add fanquake to the trusted keys. This will allow him to merge PRs to the website. The key id comes from bitcoin's trusted-keys.