Act on the reviews of our revocation certificate mechanism
Type of work:
We received the reviews by email on email@example.com (<firstname.lastname@example.org> and <email@example.com>).
- Consider splitting a revocation key instead of a revocation certificate. The benefit would be to have an expiry date on the key, which is not the case with a certificate.
- Regularly check with the people in the scheme to make sure that the communication channel with them is still working and that they still have the instructions and their share.
- Update "until we publish a new signing key" in the document as it won't be enough to build again trust within our user base (cf. other possible fake keys on the public key servers).