Docs feedback: incorrect signing key ID in omnibus

In this page, https://docs.gitlab.com/ee/administration/package_information/signed_packages.html, we see the following:

GnuPG Public Keys

All packages are signed with GnuPG, in a method appropriate for their format. The key used to sign these packages can be found on pgp.mit.edu at 0x3cfcf9baf27eab47

There are a few things wrong with that sentence.

pgp.mit.edu is slow and shouldn't really be used for anything, keys.openpgp.org is the right place for keys these days
that key is not actually the signing key, as far as I know. the key i have here (and which is expired today, which brought me here), is :

pub   rsa4096/3F01618A51312F3F 2020-03-02 [SC] [expired: 2022-03-02]
      F6403F6544A38863DAA0B6E03F01618A51312F3F
uid                 [ expired] GitLab B.V. (package repository signing key) <packages@gitlab.com>

so that fingerprint should be updated.

Edited Dec 01, 2025 by 🤖 GitLab Bot 🤖