If your keys are already too old, causing signature verification errors when installing packages, then in order to install this package you can do the following:
…
temporarily disable signature verification (see variable `package-check-signature’).
package-check-signature is a variable defined in ‘package.el’.
Its value is ‘allow-unsigned’
Non-nil means to check package signatures when installing.
More specifically the value can be:
- nil: package signatures are ignored.
- ‘allow-unsigned’: install a package even if it is unsigned, but
if it is signed, we have the key for it, and OpenGPG is
installed, verify the signature.
- t: accept a package only if it comes with at least one verified signature.
- ‘all’: same as t, except when the package has several signatures,
in which case we verify all the signatures.
This also applies to the "archive-contents" file that lists the
contents of the archive.
This variable may be risky if used as a file-local variable.
This variable was introduced, or its default value was changed, in
version 27.1 of Emacs.
You can customize this variable.