[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [webwml/staging] signing-keys: generate fingerprints from script (#22637)



commit d6608f6f949b0f7e4a9a0eabe3343ad5d3f4ef40
Author: traumschule <traumschuleriebau@xxxxxxxxxx>
Date:   Sat Sep 1 04:46:15 2018 +0200

    signing-keys: generate fingerprints from script (#22637)
    
      To update docs/en/singing-keys.wmi execute the perl script
      docs/en/update_signing-keys.pl and commit include/keys.wmi
    
      Signing keys are stored in include/keys.txt
---
 docs/en/signing-keys.wml       | 140 +-----------------------------
 docs/en/update_signing-keys.pl | 116 +++++++++++++++++++++++++
 include/keys.txt               |  32 +++++++
 include/keys.wmi               | 187 +++++++++++++++++++++++++++++++++++++++++
 4 files changed, 336 insertions(+), 139 deletions(-)

diff --git a/docs/en/signing-keys.wml b/docs/en/signing-keys.wml
index d08b4033..42d7f3f7 100644
--- a/docs/en/signing-keys.wml
+++ b/docs/en/signing-keys.wml
@@ -12,145 +12,7 @@
     <h1>Which PGP keys sign which packages</h1>
     <hr>
 
-    <p>The signing keys we use are:</p>
-    <ul>
-    <li>The Tor Browser Developers (0x4E2C6E8793298290),
-    Mike Perry (0x0E3A92E4), Georg Koppen (0x4B7C3223),
-    Nicolas Vigier (0xD0220E4B), Linus Nordberg (0x23291265)
-    and Arthur Edelstein (0xD752F538C0D38C3A)
-    sign the Tor Browser releases.</li>
-    <li>Roger Dingledine (0x28988BF5 and 0x19F78451) or Nick Mathewson
-     (0xFE43009C4607B1FB with signing key 0x6AFEE6D49E92B601)
-     sign the Tor source code tarballs. (Nick's old key was 0x165733EA
-     with signing key 0x8D29319A; it signed older tarballs.)</li>
-    <li>Tor Project Archive (0x886DDD89) signs the deb.torproject.org
-    repositories and archives.</li>
-    <li>Damian Johnson (0x9ABBEEC6) signs Arm releases.</li>
-    <li>The Tails team (0x58ACD84F) signs the Tails live system releases.</li>
-    <li>David Goulet (0x42E86A2A11F48D36) signs Torsocks releases.</li>
-    <li>Sukhbir Singh (0xB01C8B006DA77FAA) signs Tor Messenger and TorBirdy releases.</li>
-    <li>Other developers include Peter Palfrader (0xC82E0039, or its
-    subkey 0xE1DEC577).</li>
-    </ul>
-
-    The fingerprints for the keys should be:
-
-    <pre>
-    pub   1024D/28988BF5 2000-02-27
-          Key fingerprint = B117 2656 DFF9 83C3 042B  C699 EB5A 896A 2898 8BF5
-    uid                  Roger Dingledine &lt;arma@xxxxxxx&gt;
-
-    pub   4096R/19F78451 2010-05-07
-          Key fingerprint = F65C E37F 04BA 5B36 0AE6  EE17 C218 5258 19F7 8451
-    uid                  Roger Dingledine &lt;arma@xxxxxxxxxxxxxx&gt;
-    sub   4096R/B0E5067D 2015-06-10 [expires: 2016-06-09]
-
-    pub   4096R/FE43009C4607B1FB 2016-09-21 [expires: 2019-09-21]
-          Key fingerprint = 2133 BC60 0AB1 33E1 D826  D173 FE43 009C 4607 B1FB
-    uid                          Nick Mathewson &lt;nickm@xxxxxxxxxxxx&gt;
-    uid                          Nick Mathewson &lt;nickm@xxxxxxxxxxx&gt;
-    uid                          Nick Mathewson &lt;nickm@xxxxxxxxxxxxxx&gt;
-    uid                          Nick Mathewson &lt;nickm@xxxxxxxxxxxxx&gt;
-    sub   4096R/6AFEE6D49E92B601 2016-09-23 [expires: 2018-09-23]
-    sub   4096R/91DDED0286AC8BFF 2016-09-23 [expires: 2018-09-23]
-
-    pub   3072R/165733EA 2004-07-03
-          Key fingerprint = B35B F85B F194 89D0 4E28  C33C 2119 4EBB 1657 33EA
-    uid                  Nick Mathewson &lt;nickm@xxxxxxxxxxxx&gt;
-    uid                  Nick Mathewson &lt;nickm@xxxxxxxxxxx&gt;
-    uid                  Nick Mathewson &lt;nickm@xxxxxxxxxxxxx&gt;
-    sub   3072R/8D29319A 2004-07-03
-    sub   3072R/F25B8E5E 2004-07-03
-
-    pub   2048R/63FEE659 2003-10-16
-          Key fingerprint = 8738 A680 B84B 3031 A630  F2DB 416F 0610 63FE E659
-    uid                  Erinn Clark &lt;erinn@xxxxxxxxxxxxxx&gt;
-    sub   2048R/EB399FD7 2003-10-16
-
-    pub   1024D/F1F5C9B5 2010-02-03
-          Key fingerprint = C2E3 4CFC 13C6 2BD9 2C75  79B5 6B8A AEB1 F1F5 C9B5
-    uid                  Erinn Clark &lt;erinn@xxxxxxxxxxxxxx&gt;
-    sub   1024g/7828F26A 2010-02-03
-
-    pub   2048R/886DDD89 2009-09-04 [expires: 2020-08-29]
-          Key fingerprint = A3C4 F0F9 79CA A22C DBA8  F512 EE8C BC9E 886D DD89
-    uid                  deb.torproject.org archive signing key
-    sub   2048R/219EC810 2009-09-04 [expires: 2018-08-30]
-
-    pub   1024D/9ABBEEC6 2009-06-17
-          Key fingerprint = 6827 8CC5 DD2D 1E85 C4E4  5AD9 0445 B7AB 9ABB EEC6
-    uid                  Damian Johnson &lt;atagar@xxxxxxxxxxxxxx&gt;
-    sub   2048g/146276B2 2009-06-17
-    sub   2048R/87F30690 2010-08-07
-
-    pub   8192R/683686CC 2013-09-11
-          Key fingerprint = C963 C21D 6356 4E2B 10BB  335B 2984 6B3C 6836 86CC
-    uid                  Mike Perry (Regular use key) &lt;mikeperry@xxxxxxxxxxxxxx&gt;
-    sub   4096R/0F129402 2015-09-07 [expires: 2016-09-11]
-    sub   4096R/ACC0A961 2015-09-07 [expires: 2016-09-11]
-
-    pub   4096R/C5AA446D 2010-07-14
-          Key fingerprint = 261C 5FBE 7728 5F88 FB0C  3432 66C8 C2D7 C5AA 446D
-    uid                  Sebastian Hahn &lt;mail@xxxxxxxxxxxxxxxxx&gt;
-    sub   2048R/A2499719 2010-07-14
-    sub   2048R/140C961B 2010-07-14
-
-    pub   4096R/C82E0039 2003-03-24
-          Key fingerprint = 25FC 1614 B8F8 7B52 FF2F  99B9 62AF 4031 C82E 0039
-    uid                  Peter Palfrader &lt;peter@xxxxxxxxxxxxx&gt;
-    uid                  Peter Palfrader &lt;weasel@xxxxxxxxxx&gt;
-
-    pub   8192R/C11F6276 2012-07-21
-          Key fingerprint = AD1A B35C 674D F572 FBCE  8B0A 6BC7 58CB C11F 6276
-    uid                  David Fifield &lt;david@xxxxxxxxxxxxxxx&gt;
-    sub   4096R/D90A8E40 2012-07-21
-    sub   4096R/5CD388E5 2012-07-21
-
-    pub   4096R/23291265 2010-05-07
-          Key fingerprint = 8C4C D511 095E 982E B0EF  BFA2 1E8B F349 2329 1265
-    uid                  Linus Nordberg &lt;linus@xxxxxxxxxxxxxx&gt;
-    sub   4096R/B5F7D1B1 2016-04-14 [expires: 2017-04-14]
-
-    pub   rsa4096/0x94373AA94B7C3223 2013-07-30
-          Key fingerprint = 35CD 74C2 4A9B 15A1 9E1A  81A1 9437 3AA9 4B7C 3223
-    uid                  Georg Koppen &lt;gk@xxxxxxxxxxxxxx&gt;
-    sub   rsa4096/0x5778071EE2DE675B 2017-09-11 [expires: 2018-09-11]
-    sub   rsa4096/0x72E841BB93148AD2 2017-09-11 [expires: 2018-09-11]
-
-    pub   4096R/3E39CEABFC69F6F7 2015-09-24
-          Key fingerprint = 6AB6 AEE9 776E 7827 23C8  ACE8 3E39 CEAB FC69 F6F7
-    uid               [ unknown] Nicolas Vigier (boklm) &lt;boklm@xxxxxxxxxxxxxx&gt;
-    sub   4096R/07B7CFD7A0FBA062 2017-01-25 [expires: 2019-01-22]
-
-    pub   2048R/D752F538C0D38C3A 2014-12-10
-    Key fingerprint = 20B2 4CEF E6AF D615 0B6A  6F18 D752 F538 C0D3 8C3A
-    uid               [  full  ] Arthur Edelstein &lt;arthuredelstein@xxxxxxxxx&gt;
-    sub   2048R/3306E88D27211E0B 2014-12-10
-
-    pub   4096R/0x4E2C6E8793298290 2014-12-15 [expires: 2020-08-24]
-          Key fingerprint = EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290
-    uid   Tor Browser Developers (signing key) &lt;torbrowser@xxxxxxxxxxxxxx&gt;
-    sub   4096R/0xD1483FA6C3C07136 2016-08-24 [expires: 2018-08-24]
-    sub   4096R/0xEB774491D9FF06E2 2018-05-26 [expires: 2020-09-12]
-
-    pub   2048R/0x42E86A2A11F48D36 2011-05-11 [expires: 2017-05-09]
-          Key fingerprint = B744 17ED DF22 AC9F 9E90  F491 42E8 6A2A 11F4 8D36
-    uid                            David Goulet &lt;dgoulet@xxxxxxxxxxxxxx&gt;
-    sub   4096g/FE9D6620 2011-05-11 [expires: 2017-05-09]
-    sub   4096R/93CC198D 2013-09-10 [expires: 2016-09-10]
-
-    pub   4096R/0xB01C8B006DA77FAA 2016-02-25 [expires: 2020-02-24]
-          Key fingerprint = E4AC D397 5427 A5BA 8450  A1BE B01C 8B00 6DA7 7FAA
-    uid                            Sukhbir Singh &lt;azadi@xxxxxxxxxx&gt;
-    uid                            Sukhbir Singh &lt;sukhbir@xxxxxxxxxxxxxx&gt;
-    sub   4096R/0x1AF20C043D9F9289 2016-02-25 [expires: 2020-02-24]
-
-    pub   4096R/58ACD84F 2015-01-18 [expires: 2017-01-11]
-          Key fingerprint = A490 D0F4 D311 A415 3E2B  B7CA DBB8 02B2 58AC D84F
-    uid                  Tails developers &lt;tails@xxxxxxxx&gt;
-    sub   4096R/752A3DB6 2015-01-18 [expires: 2017-01-11]
-    sub   4096R/2F699C56 2015-01-18 [expires: 2017-01-11]
-    </pre>
+#include "keys.wmi" TITLE="Tor Project: Signing keys" CHARSET="UTF-8"
 
   </div>
   <!-- END MAINCOL -->
diff --git a/docs/en/update_signing-keys.pl b/docs/en/update_signing-keys.pl
new file mode 100755
index 00000000..11c04eda
--- /dev/null
+++ b/docs/en/update_signing-keys.pl
@@ -0,0 +1,116 @@
+#!/usr/bin/env perl
+use strict;
+use warnings;
+
+my $keysfile = "include/keys.txt";
+my $wmifile = 'include/keys.wmi';
+my $forcekeyupdates = 0;
+my $skipkeyupdates = 0;
+
+# First we load the keys, then we create a wmi file which is included by
+# https://www.torproject.org/docs/signing-keys.html.en
+
+# Determine the base directory in case we are called from somewhere else.
+# We assume to sit in docs/en. Update $root path if this file has moved:
+$0 =~ /^(.+)\/[^\/]+$/;
+my $root = "$1/../..";
+chdir $root or die "Could not enter $root: $! (script path: $0)\n";
+
+open my $kf, '<', "$keysfile" # read keys
+  or die "Could not open $keysfile: $!\n";
+
+my %sections; # project => key owners
+my %owners; # key owner => string with all keys
+my @projects; # save sections in order of appearance
+my $section;
+foreach (<$kf>) {
+  # filters comment and empty lines
+  next if ($_ eq "\n");
+  if (/^#/) {
+  # [section] / project
+  } elsif (/^\[(.+)\]$/) {
+    $section = "$1";
+    $sections{"$section"} = ();
+    push (@projects, $section);
+  # key owner with list of key id(s)
+  } elsif (/^([^:]+):(.+)$/) {
+    my $owner = "$1";
+    my $keys = "$2";
+    push( @{$sections{"$section"}}, $owner);
+    $owners{"$owner"} = "$keys";
+  # tell about unrecognized lines
+  } else { print "Ignored line: $_\n"; }
+}
+close $kf;
+my @owners = keys %owners;
+print "Loaded $keysfile. Found $#owners key owners in $#projects projects.\n";
+
+# If the keysfile did not change since the last run, we will not update them.
+# To update all keys anyway, set $forcekeyupdates = 1 above, or comment:
+if (-f $wmifile && qx/[ $wmifile -nt $keysfile ]/) {
+  $forcekeyupdates or $skipkeyupdates++;
+}
+
+open my $out, '>', "$wmifile"
+  or die "Could not write to $wmifile; $!\n";
+print $out "#!/usr/bin/env wml\n<p>The signing keys we use are:</p>\n<ul>\n";
+my %fingerprints;
+foreach my $project (@projects) {
+  my $owners = '';
+  my $suf = 's';
+  my @keysinproject;
+  # we grab the key owners for each project and iterate over their keys
+  foreach my $owner (@{$sections{"$project"}}) { # iterate over owners
+    my $keys = $owners{"$owner"};
+    # example for $keys: 0x165733EA, 0x8D29319A(signing key)
+    my $inbrackets = '';
+    $suf = '' if ($owners ne '');
+    my @keys = split (',', $keys); 
+    foreach my $key (@keys) { # iterate over keys
+      # validate key format. all regexp are beautiful.
+      if ($key =~ /^\s?(0x[^\(]+)(\(([^\)]+)\))?/) {
+        my $key = $1; 
+        push (@keysinproject, $key);
+        # named alternative key
+        if ($2) {
+          $inbrackets .= " with its $3 $key";
+        # first key
+        } elsif ($inbrackets eq '') {
+          $inbrackets = "$key";
+        # second key
+        } else {
+          $inbrackets .= " and $key";
+        }
+      } else { # tell if the format is wrong
+        print "Unrecognized key format: $key\n";
+      }
+    }
+    my $sep = ($owners eq '') ? '' : ', ';
+    # Add owner to the list
+    $owners .= "$sep$owner ($inbrackets)";
+    print " - $owner ($inbrackets) [$project]\n";
+  }
+  if ($project eq 'other') {
+    print $out "<li>Other developers include $owners.</li>\n";
+  } else {
+    $suf = 'ed' if ($project =~ /older/);
+    print $out "<li>$owners sign$suf <strong>$project</strong></li>\n";
+  }
+  my $keyids = join (' ', @keysinproject);
+  # update keys form keyserver pool
+  if ($forcekeyupdates or not $skipkeyupdates) {
+    print "Fetching $keyids from keyserver:\n";
+    qx/gpg --recv-key $keyids/;
+  }
+  # save gpg output for later
+  my $str = qx/gpg --list-keys --keyid-format 0xlong --with-fingerprint $keyids/;
+  $str =~ s/</&lt;/g; $str =~ s/>/&gt;/g; $str =~ s/@/#/g; # replace html codes
+  $fingerprints{"$project"} = "<pre>\n$str</pre>\n";
+}
+
+# print keys for each project to file
+print $out "</ul>\n<h2>Fingerprints</h2>\n<p>The fingerprints for the keys are:</p>\n";
+foreach my $project (@projects) {
+  print $out "<h3>$project</h3>\n". $fingerprints{"$project"};
+}
+close $out; print "Wrote $wmifile.\n"; exit 0;
diff --git a/include/keys.txt b/include/keys.txt
new file mode 100644
index 00000000..81b881cb
--- /dev/null
+++ b/include/keys.txt
@@ -0,0 +1,32 @@
+[Tor Browser releases]
+The Tor Browser Developers: 0x4E2C6E8793298290
+Mike Perry: 0x0E3A92E4
+Georg Koppen: 0x4B7C3223
+Nicolas Vigier: 0xD0220E4B
+Linus Nordberg: 0x23291265
+Arthur Edelstein: 0xD752F538C0D38C3A
+
+[Tor source tarballs]
+Roger Dingledine: 0x28988BF5, 0x19F78451
+Nick Mathewson: 0xFE43009C4607B1FB, 0x6AFEE6D49E92B601(signing key)
+
+[older Tor tarballs]
+Nick Mathewson: 0x165733EA, 0x8D29319A(signing key)
+
+[deb.torproject.org repositories and archives]
+Tor Project Archive: 0x886DDD89
+
+[Arm releases]
+Damian Johnson: 0x9ABBEEC6
+
+[Tails live system releases]
+The Tails team: 0x58ACD84F
+
+[Torsocks releases]
+David Goulet: 0x42E86A2A11F48D36
+
+[TorBirdy releases]
+Sukhbir Singh: 0xB01C8B006DA77FAA
+
+[other]
+Peter Palfrader: 0xC82E0039, 0xE1DEC577(subkey)
diff --git a/include/keys.wmi b/include/keys.wmi
new file mode 100644
index 00000000..89bfab17
--- /dev/null
+++ b/include/keys.wmi
@@ -0,0 +1,187 @@
+#!/usr/bin/env wml
+<p>The signing keys we use are:</p>
+<ul>
+<li>The Tor Browser Developers (0x4E2C6E8793298290), Mike Perry (0x0E3A92E4), Georg Koppen (0x4B7C3223), Nicolas Vigier (0xD0220E4B), Linus Nordberg (0x23291265), Arthur Edelstein (0xD752F538C0D38C3A) sign <strong>Tor Browser releases</strong></li>
+<li>Roger Dingledine (0x28988BF5 and 0x19F78451), Nick Mathewson (0x165733EA with its signing key 0x8D29319A) sign <strong>Tor source tarballs</strong></li>
+<li>Nick Mathewson (0x165733EA with its signing key 0x8D29319A) signed <strong>older Tor tarballs</strong></li>
+<li>Tor Project Archive (0x886DDD89) signs <strong>deb.torproject.org repositories and archives</strong></li>
+<li>Damian Johnson (0x9ABBEEC6) signs <strong>Arm releases</strong></li>
+<li>The Tails team (0x58ACD84F) signs <strong>Tails live system releases</strong></li>
+<li>David Goulet (0x42E86A2A11F48D36) signs <strong>Torsocks releases</strong></li>
+<li>Sukhbir Singh (0xB01C8B006DA77FAA) signs <strong>TorBirdy releases</strong></li>
+<li>Other developers include Peter Palfrader (0xC82E0039 with its subkey 0xE1DEC577).</li>
+</ul>
+<h2>Fingerprints</h2>
+<p>The fingerprints for the keys are:</p>
+<h3>Tor Browser releases</h3>
+<pre>
+pub   rsa4096/0x4E2C6E8793298290 2014-12-15 [C] [expires: 2020-08-24]
+      Key fingerprint = EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290
+uid                   [ unknown] Tor Browser Developers (signing key) &lt;torbrowser#torproject.org&gt;
+sub   rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12]
+
+pub   rsa8192/0x29846B3C683686CC 2013-09-11 [SC]
+      Key fingerprint = C963 C21D 6356 4E2B 10BB  335B 2984 6B3C 6836 86CC
+uid                   [ unknown] Mike Perry &lt;mikeperry#endarken.info&gt;
+uid                   [ unknown] Mike Perry &lt;mikeperry#unencrypted.info&gt;
+uid                   [ unknown] Mike Perry (Regular use key) &lt;mikeperry#fscked.org&gt;
+uid                   [ unknown] Mike Perry (Regular use key) &lt;mikeperry#torproject.org&gt;
+sub   rsa4096/0x004AD1045BA0FE28 2017-10-31 [S] [expires: 2018-10-31]
+sub   rsa4096/0xEEC50E9938F9F4E9 2017-10-31 [E] [expires: 2018-10-31]
+
+pub   rsa4096/0x4FEA46574B7C3223 2014-06-16 [SCEA] [revoked: 2016-08-16]
+      Key fingerprint = DFE0 2163 0B44 5B24 DE2D  CDAC 4FEA 4657 4B7C 3223
+uid                   [ revoked] Georg Koppen &lt;georg#getfoxyproxy.org&gt;
+
+pub   rsa4096/0x94373AA94B7C3223 2013-07-30 [SC]
+      Key fingerprint = 35CD 74C2 4A9B 15A1 9E1A  81A1 9437 3AA9 4B7C 3223
+uid                   [ unknown] Georg Koppen &lt;gk#torproject.org&gt;
+uid                   [ unknown] Georg Koppen &lt;groeg#vfemail.net&gt;
+uid                   [ unknown] Georg Koppen &lt;georg#getfoxyproxy.org&gt;
+sub   rsa4096/0x5778071EE2DE675B 2017-09-11 [E] [expires: 2018-09-11]
+sub   rsa4096/0x72E841BB93148AD2 2017-09-11 [S] [expires: 2018-09-11]
+
+pub   rsa4096/0xE5B81856D0220E4B 2014-03-19 [SC]
+      Key fingerprint = 4A90 646C 0BAE D9D4 56AB  3111 E5B8 1856 D022 0E4B
+uid                   [ unknown] Nicolas Vigier (TBB Builds Signing Key) &lt;boklm#torproject.org&gt;
+
+pub   rsa4096/0x1E8BF34923291265 2010-05-07 [SC]
+      Key fingerprint = 8C4C D511 095E 982E B0EF  BFA2 1E8B F349 2329 1265
+uid                   [ unknown] Linus Nordberg &lt;linus#nordberg.se&gt;
+uid                   [ unknown] Linus Nordberg &lt;linus#dfri.se&gt;
+uid                   [ unknown] Linus Nordberg &lt;linus#sunet.se&gt;
+uid                   [ unknown] Linus Nordberg &lt;linus#nordu.net&gt;
+uid                   [ unknown] Linus Nordberg &lt;linus#torproject.org&gt;
+uid                   [ unknown] [jpeg image of size 2906]
+sub   rsa4096/0xC1788C2B0B3120D3 2018-02-17 [A]
+sub   rsa4096/0x9DC3E9C66DDABD48 2018-04-11 [E] [expires: 2019-04-11]
+
+pub   rsa4096/0xAADF069E23291265 2014-06-16 [SCEA] [revoked: 2016-08-16]
+      Key fingerprint = 43D1 9E7B DB63 A474 0B0C  B555 AADF 069E 2329 1265
+uid                   [ revoked] Linus Nordberg &lt;linus#nordberg.se&gt;
+
+pub   rsa2048/0xD752F538C0D38C3A 2014-12-10 [SC]
+      Key fingerprint = 20B2 4CEF E6AF D615 0B6A  6F18 D752 F538 C0D3 8C3A
+uid                   [ unknown] Arthur Edelstein &lt;arthuredelstein#gmail.com&gt;
+sub   rsa2048/0x3306E88D27211E0B 2014-12-10 [E]
+
+</pre>
+<h3>Tor source tarballs</h3>
+<pre>
+pub   dsa1024/0xEB5A896A28988BF5 2000-02-27 [SCA]
+      Key fingerprint = B117 2656 DFF9 83C3 042B  C699 EB5A 896A 2898 8BF5
+uid                   [ unknown] Roger Dingledine &lt;arma#mit.edu&gt;
+sub   elg2048/0x147FF421788AFDCE 2000-02-27 [E]
+
+pub   rsa1024/0x9C01813428988BF5 2014-06-16 [SCEA] [revoked: 2016-08-16]
+      Key fingerprint = 2629 5471 A26A B9F9 6C0C  45BB 9C01 8134 2898 8BF5
+uid                   [ revoked] Roger Dingledine &lt;arma#mit.edu&gt;
+
+pub   rsa4096/0xC218525819F78451 2010-05-07 [SC]
+      Key fingerprint = F65C E37F 04BA 5B36 0AE6  EE17 C218 5258 19F7 8451
+uid                   [ unknown] Roger Dingledine &lt;arma#mit.edu&gt;
+uid                   [ unknown] Roger Dingledine &lt;arma#freehaven.net&gt;
+uid                   [ unknown] Roger Dingledine &lt;arma#torproject.org&gt;
+sub   rsa4096/0x1A61312B4600E8BE 2018-06-03 [E] [expires: 2019-06-03]
+
+pub   rsa4096/0x468FAE2919F78451 2014-06-16 [SCEA] [revoked: 2016-08-16]
+      Key fingerprint = 9C95 0D05 FC80 2DFA 79C3  7629 468F AE29 19F7 8451
+uid                   [ revoked] Roger Dingledine &lt;arma#mit.edu&gt;
+
+pub   rsa1024/0xD50624EC165733EA 2014-06-16 [SCEA] [revoked: 2016-08-16]
+      Key fingerprint = 33DC 81DC C099 4E0A 10D8  048B D506 24EC 1657 33EA
+uid                   [ revoked] Nick Mathewson &lt;nickm#alum.mit.edu&gt;
+
+pub   rsa3072/0x21194EBB165733EA 2004-07-03 [SC]
+      Key fingerprint = B35B F85B F194 89D0 4E28  C33C 2119 4EBB 1657 33EA
+uid                   [ unknown] Nick Mathewson &lt;nickm#alum.mit.edu&gt;
+uid                   [ unknown] Nick Mathewson &lt;nickm#wangafu.net&gt;
+uid                   [ unknown] Nick Mathewson &lt;nickm#freehaven.net&gt;
+uid                   [ unknown] [jpeg image of size 3369]
+sub   rsa3072/0x910397D88D29319A 2004-07-03 [S]
+sub   rsa3072/0xD2CA27F3F25B8E5E 2004-07-03 [E]
+
+</pre>
+<h3>older Tor tarballs</h3>
+<pre>
+pub   rsa1024/0xD50624EC165733EA 2014-06-16 [SCEA] [revoked: 2016-08-16]
+      Key fingerprint = 33DC 81DC C099 4E0A 10D8  048B D506 24EC 1657 33EA
+uid                   [ revoked] Nick Mathewson &lt;nickm#alum.mit.edu&gt;
+
+pub   rsa3072/0x21194EBB165733EA 2004-07-03 [SC]
+      Key fingerprint = B35B F85B F194 89D0 4E28  C33C 2119 4EBB 1657 33EA
+uid                   [ unknown] Nick Mathewson &lt;nickm#alum.mit.edu&gt;
+uid                   [ unknown] Nick Mathewson &lt;nickm#wangafu.net&gt;
+uid                   [ unknown] Nick Mathewson &lt;nickm#freehaven.net&gt;
+uid                   [ unknown] [jpeg image of size 3369]
+sub   rsa3072/0x910397D88D29319A 2004-07-03 [S]
+sub   rsa3072/0xD2CA27F3F25B8E5E 2004-07-03 [E]
+
+</pre>
+<h3>deb.torproject.org repositories and archives</h3>
+<pre>
+pub   rsa2048/0xEE8CBC9E886DDD89 2009-09-04 [SC] [expires: 2022-08-05]
+      Key fingerprint = A3C4 F0F9 79CA A22C DBA8  F512 EE8C BC9E 886D DD89
+uid                   [ unknown] deb.torproject.org archive signing key
+sub   rsa2048/0x74A941BA219EC810 2009-09-04 [S] [expires: 2020-11-23]
+
+</pre>
+<h3>Arm releases</h3>
+<pre>
+pub   rsa1024/0xF94ABB509ABBEEC6 2014-06-16 [SCEA] [revoked: 2016-08-16]
+      Key fingerprint = D8AA CF11 9067 89E8 91DD  2C27 F94A BB50 9ABB EEC6
+uid                   [ revoked] Damian Johnson (www.atagar.com) &lt;atagar1#gmail.com&gt;
+
+pub   dsa1024/0x0445B7AB9ABBEEC6 2009-06-17 [SC]
+      Key fingerprint = 6827 8CC5 DD2D 1E85 C4E4  5AD9 0445 B7AB 9ABB EEC6
+uid                   [ unknown] Damian Johnson (www.atagar.com) &lt;atagar1#gmail.com&gt;
+uid                   [ unknown] Damian Johnson &lt;atagar#torproject.org&gt;
+sub   rsa2048/0x888404C187F30690 2010-08-07 [S]
+sub   elg2048/0x04F1B63D146276B2 2009-06-17 [E]
+
+</pre>
+<h3>Tails live system releases</h3>
+<pre>
+pub   rsa4096/0xDBB802B258ACD84F 2015-01-18 [C] [expires: 2019-01-11]
+      Key fingerprint = A490 D0F4 D311 A415 3E2B  B7CA DBB8 02B2 58AC D84F
+uid                   [ unknown] Tails developers &lt;tails#boum.org&gt;
+uid                   [ unknown] Tails developers (offline long-term identity key) &lt;tails#boum.org&gt;
+sub   ed25519/0x90B2B4BD7AED235F 2017-08-28 [S] [expires: 2019-01-11]
+sub   rsa4096/0xD21DAD38AF281C0B 2017-08-28 [S] [expires: 2019-01-11]
+sub   rsa4096/0x3020A7A9C2B72733 2017-08-28 [S] [expires: 2019-01-11]
+
+</pre>
+<h3>Torsocks releases</h3>
+<pre>
+pub   rsa2048/0x42E86A2A11F48D36 2011-05-11 [SC] [expires: 2019-05-01]
+      Key fingerprint = B744 17ED DF22 AC9F 9E90  F491 42E8 6A2A 11F4 8D36
+uid                   [ unknown] David Goulet &lt;dgoulet#ev0ke.net&gt;
+uid                   [ unknown] David Goulet &lt;dgoulet#riseup.net&gt;
+uid                   [ unknown] David Goulet &lt;dgoulet#torproject.org&gt;
+sub   rsa4096/0x2AC6036C93CC198D 2013-09-10 [E] [expires: 2019-08-17]
+
+</pre>
+<h3>TorBirdy releases</h3>
+<pre>
+pub   rsa4096/0xB01C8B006DA77FAA 2016-02-25 [SC] [expires: 2020-02-24]
+      Key fingerprint = E4AC D397 5427 A5BA 8450  A1BE B01C 8B00 6DA7 7FAA
+uid                   [ unknown] Sukhbir Singh &lt;azadi#riseup.net&gt;
+uid                   [ unknown] Sukhbir Singh &lt;sukhbir#torproject.org&gt;
+sub   rsa4096/0x1AF20C043D9F9289 2016-02-25 [E] [expires: 2020-02-24]
+
+</pre>
+<h3>other</h3>
+<pre>
+pub   rsa4096/0x62AF4031C82E0039 2003-03-24 [SC] [expires: 2024-08-28]
+      Key fingerprint = 25FC 1614 B8F8 7B52 FF2F  99B9 62AF 4031 C82E 0039
+uid                   [ unknown] Peter Palfrader
+uid                   [ unknown] Peter Palfrader &lt;weasel#debian.org&gt;
+uid                   [ unknown] Peter Palfrader &lt;peter#palfrader.org&gt;
+sub   rsa2048/0x8602C8203872331F 2014-05-04 [S] [expires: 2020-09-01]
+sub   rsa2048/0xE377AED938E4E080 2014-05-04 [E] [expires: 2020-09-01]
+
+pub   rsa4096/0x7675B62DC82E0039 2014-06-16 [SCEA] [revoked: 2016-08-16]
+      Key fingerprint = A110 43D3 C8A6 395D DDD0  EE85 7675 B62D C82E 0039
+uid                   [ revoked] Peter Palfrader
+
+</pre>



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits