From: Carlos Maiolino <cem@kernel.org>
To: "Carlos E. R." <robin.listas@telefonica.net>
Cc: Linux-XFS mailing list <linux-xfs@vger.kernel.org>
Subject: Re: [ANNOUNCE] GPG key update
Date: Fri, 19 Apr 2024 08:29:43 +0200 [thread overview]
Message-ID: <phtliir2jh2tjsmupeavh6jx4bwpyhkganaho2aph453rgo4xc@2pevxtjkp3ki> (raw)
In-Reply-To: <3b60a114-762e-4139-9e78-8c8378454c7a@telefonica.net>
On Thu, Apr 18, 2024 at 08:02:09PM +0200, Carlos E. R. wrote:
> On 2024-04-18 10:23, Carlos Maiolino wrote:
> > Hi,
> > I didn't mean to send such email, but more than one person already asked me about it, so, sharing it
> > for a broader audience.
> >
> >
> > TL;DR;
> >
> > I started to use a new key to sign stuff two months ago, if you had any key mismatch problem, update
> > your keyring. My apologies for any trouble.
> >
> >
> > == Long Version ==
>
> ...
>
> > My certify (or master key) is still the same: 4020459E58C1A52511F5399113F703E6C11CF6F0
> > With a new extra subkey added under it: 0C1D891C50A732E0680F7B644675A111E50B5FA6
>
> I only wanted to point out that the network of GPG keyservers is broken,
> since the attack they suffered a few years back.
>
> For instance, Thunderbird internal key manager finds your keys ID above,
> apparently using "vks://keys.openpgp.org, hkps://keys.mailvelope.com".
>
> However, kleopatra (Plasma key manager) doesn't (using hkp://keys.gnupg.net
> or hkps://hkps.pool.sks-keyservers.net, not clear which).
>
>
> That is, keys are not propagated through all the servers as they were in the
> past.
You listed several reasons why kernel.org keeps its own repository with maintainers keys :)
There are even instructions on how to automatically update the keys based on kernel.org repository:
https://korg.docs.kernel.org/pgpkeys.html#automatically-refreshing-keys
So, everybody relying on maintainers keys can keep their keyring updated.
> > And directly from the kernel.org's database:
> >
> > pgpkeys $ man gp --with-subkey-fingerprint keys/13F703E6C11CF6F0.asc
> > pub ed25519 2022-05-27 [C]
> > 4020459E58C1A52511F5399113F703E6C11CF6F0
> > uid Carlos Eduardo Maiolino <carlos@maiolino.me>
> > uid Carlos Eduardo Maiolino <cmaiolino@redhat.com>
> > uid Carlos Eduardo Maiolino <cem@kernel.org>
> > sub ed25519 2022-05-27 [A]
> > 36C5DFE1ECA79D1D444FDD904E5621A566959599
> > sub ed25519 2022-05-27 [S]
> > FA406E206AFF7873897C6864B45618C36A24FD23 <-- Old key still valid
> > sub cv25519 2022-05-27 [E]
> > 5AE98D09B21AFBDE62EE571EE01E05EA81B10D5C
> > sub nistp384 2024-02-15 [A]
> > D3DF1E315DBCB4EDF392D6ED2BE8B50768C99F00
> > sub nistp384 2024-02-15 [S]
> > 0C1D891C50A732E0680F7B644675A111E50B5FA6 <-- New key
> > sub nistp384 2024-02-15 [E]
> > C79922EE45DEA3F58B99B4701201F4FA234EEFD8
>
>
> Information obtained once I changed the keyserver:
>
> cer@Telcontar:~> gpg --list-keys \
> 4020459E58C1A52511F5399113F703E6C11CF6F0
> pub ed25519 2022-05-27 [C]
> 4020459E58C1A52511F5399113F703E6C11CF6F0
> uid [ full ] Carlos Eduardo Maiolino <carlos@maiolino.me>
> uid [ full ] Carlos Eduardo Maiolino <cem@kernel.org>
> uid [ full ] Carlos Eduardo Maiolino <cmaiolino@redhat.com>
> sub ed25519 2022-05-27 [A]
> sub ed25519 2022-05-27 [S]
> sub nistp384 2024-02-15 [A]
> sub nistp384 2024-02-15 [S]
> sub nistp384 2024-02-15 [E]
> sub cv25519 2022-05-27 [E]
>
>
>
> --
> Cheers / Saludos,
>
> Carlos E. R.
> (from 15.5 x86_64 at Telcontar)
>
prev parent reply other threads:[~2024-04-19 6:29 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-18 8:23 [ANNOUNCE] GPG key update Carlos Maiolino
2024-04-18 18:02 ` Carlos E. R.
2024-04-19 6:29 ` Carlos Maiolino [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=phtliir2jh2tjsmupeavh6jx4bwpyhkganaho2aph453rgo4xc@2pevxtjkp3ki \
--to=cem@kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=robin.listas@telefonica.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).