https://www.mediawiki.org/keys/keys.html contains keys for csteipp, hexmode and markus glasser despite the fact that these people are no longer doing releases.
We should maybe indicate on the page that these keys are for verifying historical releases only, and that these people no longer do mediawiki releases.
It was also suggested on #mediawiki_security that maybe instead of using individual personal keys, we should have a mediawiki release key not tied to a specific person, perhaps using some sort of secret splitting scheme.