Date: Tue, 5 Aug 2003 21:39:34 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: David.E.Tweten@nasa.gov Cc: freebsd-doc@freebsd.org Subject: Re: Security-officer PGP Key? Message-ID: <20030805193932.GA9631@FreeBSD.org> In-Reply-To: <88080.1060111084@gilmore.nas.nasa.gov> References: <88080.1060111084@gilmore.nas.nasa.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On 2003.08.05 12:18:04 -0700, Dave Tweten wrote: > I just received a PGP signed message, supposedly from > security-officer@freebsd.org, for which I did not have the matching public > key. Reflexively, I fetched it, and then began looking into it with an > eye toward signing it so PGP would no longer call it "untrusted." > > To my shock, I found I had two public keys for security-officer, one > vintage 4/22/1996, From: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/pgpkeys.html#PGPKEYS-OFFICERS pub 1024D/CA6CDFB2 2002-08-27 FreeBSD Security Officer <security-officer@FreeBSD.org> Key fingerprint = C374 0FC5 69A6 FBB1 4AED B131 15D6 8804 CA6C DFB2 sub 2048g/A3071809 2002-08-27 pub 1024R/73D288A5 1996-04-22 FreeBSD Security Officer (Deprecated key) <security-officer@freebsd.org> Key fingerprint = 41 08 4E BB DB 41 60 71 F9 E5 0E 98 73 AF 3F 11 uid FreeBSD Security Officer <security-officer@freebsd.org> I just checked that the the announcment I recieved was signed with CA6CDFB2 which is listed as the current key. The new key CA6CDFB2 is, among others, signed by the old key 73D288A5. > My next step was to check the list of valid keys at the back of the > FreeBSD Handbook. Further shock. It lists the 4/22/1996 key and not the > more recent one just downloaded. I immediately deleted the more recent > key, and drafted this message. Which exact handbook version are you refering to? Everything looks OK to me. -- Simon L. Nielsen FreeBSD Documentation Team [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/MAf0h9pcDSc1mlERAsxHAJ0ZHg6CaAuyE49xgZ/enel2Go7N3gCdHX7c VbQ2yOdY33ToO0k0oYjFUb4= =fxGg -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030805193932.GA9631>