After almost a week of direct questioning, canary is still not updated:
https://riseup.net/pl/about-us/canary
Certificate fingerprints deleted for certain domains on Oct. 22nd without notice:
https://github.com/riseupnet/riseup_help/commit/8a8c98e0aaa635130a899c1980569f34633d159d
Page where fingerprints no longer appear:
https://riseup.net/pl/security/network-security/certificates
In the universe of possible media in which to conduct discussions with a group of peers, there may be none less safe than SMTP email mailing lists. Keep secrets off mailing lists. Never use mailing lists for secrets. Assume your mailing lists are public. Nobody is going to deploy a mailing list security solution that will ever be adequate against state-level adversaries. Any site claiming to keep political activists secure that offers mailing lists should be viewed with suspicion, because "don't use mailing lists" is close to the only thing that messaging security people agree about.