https://bridges.torproject.org/keys shows outdated keys

While looking at https://bridges.torproject.org/keys that the online keys expired 2015-09-11. It seems the document needs an update. And s/will will not/will not/.

added actualpoints::0.5 component::circumvention/bridgedb ex-sponsor-19 owner::phw parent::31279 points::1 priority::medium resolution::fixed reviewer::cohosh s30-o22a2 severity::normal sponsor::30-can status::closed type::defect labels

Trac:
Description: While looking at https://bridges.torproject.org/keys that the online keys expired 2015-09-11. It seems the document needs an update. And s/will will not/will not/

to

While looking at https://bridges.torproject.org/keys that the online keys expired 2015-09-11. It seems the document needs an update. And s/will will not/will not/.

Closed #20498 (moved) as a dupe

Trac:
Reviewer: N/A to N/A

Trac:
Points: N/A to 1
Status: new to assigned
Sponsor: N/A to Sponsor19
Owner: isis to N/A

another approach besides updating the key might be to figure out what the key is actually used for, notice that it hasn't been working for three+ years and nobody minded, and change the design to not need this key anymore.

Adding the keyword to mark everything that didn't fit into the time for sponsor 19.

Trac:
Keywords: N/A deleted, ex-sponsor-19 added

Moving from Sponsor 19 to Sponsor 30.

Trac:
Sponsor: Sponsor19 to Sponsor30-can

BridgeDB is (or was) able to sign its email distributor's responses. As far as I can tell, the feature no longer works. I suggest to remove the feature: it's quite a bit of complexity that currently serves no purpose. If somebody ever wants to resurrect it, it will still be part of our commit log.

For what it's worth, BridgeDB's log files suggest that it occasionally gets requests for the PGP keys. This happened several times in today's logs. We should spend one or two hours trying to figure out if we can update these keys.

Change tickets that are assigned to nobody to "new".

Trac:
Status: assigned to new

Here's a patch that rips out PGP support: https://github.com/NullHypothesis/bridgedb/compare/develop...defect/17548?expand=1

Trac:
Status: new to needs_review

Trac:
Owner: N/A to phw
Status: needs_review to assigned

Trac:
Owner: phw to cohosh

oops

Trac:
Owner: cohosh to phw
Reviewer: N/A to cohosh

This looks good. Just a two comments:

• there's still a test with a gpg key request in it here

• the README should be updated as well: https://github.com/NullHypothesis/bridgedb/tree/defect/17548#gnupg-email-signing

Trac:
Status: assigned to merge_ready

Replying to cohosh:

• there's still a test with a gpg key request in it here

Right, removed!

• the README should be updated as well: https://github.com/NullHypothesis/bridgedb/tree/defect/17548#gnupg-email-signing

Oops, I forgot about the README. Thanks! In fact, I also forgot to remove the .gnupg directory and the gnupg dependency in .travis.requirements.txt and requirements.txt.

I merged the branch in commit 4cdd6a6 and deployed it on polyanthum.

Trac:
Status: merge_ready to closed
Keywords: N/A deleted, s30-o21a2 added
Parent: N/A to #31279 (closed)
Actualpoints: N/A to 0.5
Resolution: N/A to fixed

Trac:
Keywords: s30-o21a2 deleted, s30-o22a2 added

closed

changed time estimate to 8h

added 4h of time spent