Public key for verification of download expired

[polymorphito]

Hey guys,

the public GNU key of Alejandro Garcia on your website for verification of Bisq downloads has expired with 27/09/2024. Could you please replace it with a key up to date?

Or is there no reason to worry about that?

Looking forward to an answer, best regards

Chris

[boring-cyborg]

Thanks for opening your first issue here!

Be sure to follow the issue template. Your issue will be reviewed by a maintainer and labeled for further action.

[dauphinet]

I am having the same issue!

gpg: Signature faite le 06/24/24 02:54:15 Paris
gpg: avec la clef RSA 987654321
gpg: Bonne signature de « Alejandro García [email protected] » [expirée]
gpg: Remarque : cette clef a expiré.
Empreinte de clef principale : 123456789

[ncorbuk]

yes im verifying and i come here to check and it seems the key is old from June what is this all about?

[suddenwhipvapor]

The verification works correctly following the instructions on https://github.com/bisq-network/bisq/releases/tag/v1.9.18
Just tested myself:

gpg: assuming signed data in 'Bisq-64bit-1.9.18.deb'
gpg: Signature made ven 22 nov 2024, 20:36:15 CET
gpg:                using RSA key B493319106CC3D1F252E19CBF806F422E222AA02
gpg: Good signature from "Alejandro García <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: B493 3191 06CC 3D1F 252E  19CB F806 F422 E222 AA02