The GPG keys for signing the LiveConfig packages and repositories are replaced every three years for security reasons.
From today, a new GPG key is used:

Key name: LiveConfig Package Signer <>
Key ID old: 08708961 (2048 bit, valid until 2017/11/05)
Key ID new: 3A2B2840 (4096 bit, valid until 2020/09/19)

The new key was already installed automatically with LiveConfig v2.5.0. For older installations, the key must be updated manually:

wget -O - | apt-key add -
rpm --import

When not updating the key, you'll get an error message when trying to update LiveConfig packages - on Debian for example like this:
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: main InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E73A23BF3A2B2840

W: Failed to fetch
W: Some index files failed to download. They have been ignored, or old ones used instead.