[feat] expired public key are remotely fetched if expired

- private key is not allowed to be fetched remotely
- fetch_remote needs to be specifically set
- if a new key is fetched (ie different KeyID), the validation
  rule applies

1 files changed, 1 insertions, 1 deletions

diff --git a/src/leap/bitmask/keymanager/keys.py b/src/leap/bitmask/keymanager/keys.py
index 4a3aa403..6c0c64ff 100644
--- a/src/leap/bitmask/keymanager/keys.py
+++ b/src/leap/bitmask/keymanager/keys.py
@@ -330,7 +330,7 @@ class OpenPGPKey(object):
     def needs_renewal(self, pre_expiration_threshold=DEFAULT_THRESHOLD):
         """
         Indicates if the key is inside the renewal period. For ease of
-        transition keys should be renewed before they expire.
+        transition keys should be renewed/extended before they expire.
 
         :param pre_expiration_threshold: the amount of days before expiry date
                 whereby the key should be renewed -- default value is 60 days