Date: Tue, 5 Aug 2003 21:39:34 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: David.E.Tweten@nasa.gov Cc: freebsd-doc@freebsd.org Subject: Re: Security-officer PGP Key? Message-ID: <20030805193932.GA9631@FreeBSD.org> In-Reply-To: <88080.1060111084@gilmore.nas.nasa.gov> References: <88080.1060111084@gilmore.nas.nasa.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
--h31gzZEtNLTqOjlF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2003.08.05 12:18:04 -0700, Dave Tweten wrote: > I just received a PGP signed message, supposedly from=20 > security-officer@freebsd.org, for which I did not have the matching publi= c=20 > key. Reflexively, I fetched it, and then began looking into it with an= =20 > eye toward signing it so PGP would no longer call it "untrusted." >=20 > To my shock, I found I had two public keys for security-officer, one=20 > vintage 4/22/1996, =46rom: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/pgpkeys.html#PGPK= EYS-OFFICERS pub 1024D/CA6CDFB2 2002-08-27 FreeBSD Security Officer <security-officer@F= reeBSD.org> Key fingerprint =3D C374 0FC5 69A6 FBB1 4AED B131 15D6 8804 CA6C DFB2 sub 2048g/A3071809 2002-08-27 pub 1024R/73D288A5 1996-04-22 FreeBSD Security Officer (Deprecated key) <s= ecurity-officer@freebsd.org> Key fingerprint =3D 41 08 4E BB DB 41 60 71 F9 E5 0E 98 73 AF 3F 11 uid FreeBSD Security Officer <security-officer@f= reebsd.org> I just checked that the the announcment I recieved was signed with CA6CDFB2 which is listed as the current key. The new key CA6CDFB2 is, among others, signed by the old key 73D288A5. > My next step was to check the list of valid keys at the back of the=20 > FreeBSD Handbook. Further shock. It lists the 4/22/1996 key and not the= =20 > more recent one just downloaded. I immediately deleted the more recent= =20 > key, and drafted this message. Which exact handbook version are you refering to? Everything looks OK to me. --=20 Simon L. Nielsen FreeBSD Documentation Team --h31gzZEtNLTqOjlF Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/MAf0h9pcDSc1mlERAsxHAJ0ZHg6CaAuyE49xgZ/enel2Go7N3gCdHX7c VbQ2yOdY33ToO0k0oYjFUb4= =fxGg -----END PGP SIGNATURE----- --h31gzZEtNLTqOjlF--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030805193932.GA9631>