[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] New GPG key for Mike Perry



Hi, Since TorProject.org domain-name is already DNSSEC signed, will
you pls consider to include your and Runa's GPG key (which are used
for signing Tor and related software) into DNS ?
Then using even dig (or gpg tools) regular/other users (who uses
local DNSSEC based DNS-Servers) can obtain DNSSEC authenticated
super accurate GPG keys.  No need to blindly always trust a
middle-man gpg-key-sharing servers.  Pls share it via multiple
channels/mediums.
Specially, developers who owns domain-names or works under a group
which has domain-name, they, and who releases software, they should
VERY seriously consider to include their signing related (full) GPG
pub-keys in DNS for declaring and sharing your GPG-keys, just like
declaring SSL/TLS certificate via "TLSA"/DANE, so users can get
authentic full keys and/or certificates. Such should help in
reducing various falsifications.
Thanks in advance,
- Bright Star.
bry 8 st ar a.@t. in ven ta ti d.o.t. or g:
GPG-FPR:C70FD3D070EB5CADFC040FCB80F68A461F5923FA.
bry 8 st ar a.@t. ya hoo d.o.t. c om:
GPG-FPR:12B77F2C92BF25C838C64D9C8836DBA2576C10EC.



Received from Mike Perry, on 2013-09-27 2:18 PM:
> Hi everyone, 
> 
> I've finally made a new GPG key (after a scant 7 years!). 
> 
> This new key will be used to sign email from me going forward, and will
> be used to sign software releases until such time as I get around to
> creating a second set of keys on a hardware token for that purpose.
> 
> While I dislike the Web of Trust for a number of reasons*, my plan is to
> cross-certify these two sets of new keys, and also sign both with my old
> key. Hence I will not immediately be issuing a revocation for my old
> key.
> 
> The new key is attached, and is available on the keyservers (with a
> signature from my old key) at:
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x29846B3C683686CC
> 
> Here's the fingerprint and current subkey information for reference:
> pub   8192R/29846B3C683686CC 2013-09-11
>       Key fingerprint = C963 C21D 6356 4E2B 10BB  335B 2984 6B3C 6836 86CC
> uid                          Mike Perry (Regular use key) <mikeperry@xxxxxxxxxxxxxx>
> sub   4096R/717F1F130E3A92E4 2013-09-11 [expires: 2014-09-11]
> sub   4096R/A3BD8153BC40FFA0 2013-09-11 [expires: 2014-09-11]
> 
> 
> This message should also be signed by my previous key, which was used
> extensively to sign my email and my source code releases prior to today.
> 
> 
> * Ensuing flamewars about the Web of Trust should reply only to tor-talk.
> 
> 
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays