Please add public gpg for F-14 s390x to http://fedoraproject.org/keys
Karsten Hopp
karsten at redhat.com
Thu Jan 13 20:33:22 UTC 2011
Am 13.01.2011 19:47, schrieb Todd Zullinger:
> Hi Karsten,
>
> Karsten Hopp wrote:
>> According to https://fedoraproject.org/wiki/Create_release_signing_key#fedoraproject.org
>> I need to send the attached key to this address.
>> I've also asked Jesse Keating and Dennis Gilmore to add the key to
>> the fedora-release git repository, that still needs to be done.
>> (Btw, the URL above still points to a CVS repository, that should be
>> changed to the git repo)
>>
>> If there are any questions you can find me as either karsten_ or
>> Kick_ in #fedora-devel on freenode IRC
>>
>> Thanks
>> Karsten Hopp (s390x secondary arch maintainer)
>
>> pub 1024D/FDB36B03 2010-12-23 Fedora (14-s390x)<fedora at fedoraproject.org>
>> sub 2048g/E363096B 2010-12-23
>
> Just wanted to reply and verify this, in case someone spoofed your
> address (since this request wasn't signed with the GPG key on record
> for your Fedora account ;).
>
> Also, any reason why the key has an encryption subkey? The newer
> fedora releases use a larger RSA key, signing only. I'm guessing 1024
> DSA with a 2048 Elgamal is just because it's the default in older
> versions of GPG?
>
No, the request really came from me. But thanks for checking instead of blindly adding a
potential dangerous key to the official list !
I have no idea how I ended ub with a sub-key. I've followed the guide (1) to set up a
signing server with sigul and let sigul create the key instead of running gpg manually.
(1) http://fedoraproject.org/wiki/Create_release_signing_key
Karsten
More information about the websites
mailing list