WikiLeak

The wikileaks.org PGP Key discussion page is a bit worrying:

The published PGP key 0x11015F80 for wikileaks@wikileaks.org has expired on 2nd November 2007

[...]

Another week has gone by, and the wikileaks@wikileaks.org PGP key is still Expired, without replacement (10 November 2007)

Technically a Pretty Good Privacy PGP public encryption or digital signing key does not need to be associated with a particular email address, and could, for example be used to encrypt documents or data sent to the wiklileaks.org project via the postal mail system. It is conventional to associate each published PGP key with a suitable email address.

It does not inspire a nice warm, comfortable feeling of trust and security in the professionalism of wikileaks.org, if their only published PGP key expired 2 weeks ago !

Why not Digitally Sign press releases, volunteer emails etc ?

Indeed - wikileaks.org must be a target for professional or amateur attacks on its still opaque and untrustworthy "security through obscurity" technical infrastructure.

What is their objection to making use if this widely available technology ?

If you are seen to be actively discouraging the use of PGP, some people will draw the conclusion that you are in cahoots with one or more government agencies.

Do you trust wikiileaks.org to protect your anonymity, if you are a whistleblower or leaker of private or secret documents, or even if you are one of the few experts able to sensibly analyse those leaks ?