I update the expiration on my key frequently and leave it set to no
more than one year, but as a result I forget to replace static
copies in various places. Do that again now.
Change-Id: I8879468679abc8ef2dd6b312daf35b71713f4fee
I intentionally keep a short expiration on my OpenPGP key, but this
means I need to update public copies of it at least annually.
Change-Id: I80063833200ca819b741f91a109f3f4db42e418d
I explicitly maintain a <= 1 year expiration on my public OpenPGP
key and bump it periodically. As a result, the convenience export we
publish should also be refreshed with some regularity so that an old
expired version is not served in error. Update my key here with a
more recent export.
Change-Id: I41b1292dfd2c8743e0cedfb5df1239201b318395
Prominently in the Zuul User Guide, include a brief overview of
preferred methods for reporting suspected security vulnerabilities.
Also link to it from the README in such a way that the same
reference can be reused in other related Zuul repositories following
the same policy.
Change-Id: I2bd13bd13372f26c328cd7d6b5618ee8edffe490