[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [tor-relays] New GPG key for Mike Perry

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] [tor-relays] New GPG key for Mike Perry
From: "Joel R. Voss" <jvoss@xxxxxxxxxx>
Date: Sat, 28 Sep 2013 09:42:54 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 28 Sep 2013 12:56:07 -0400
In-reply-to: <20130927211817.GA12979@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20130927211817.GA12979@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: KMail/4.10.4 (Linux/3.9.4-i7; KDE/4.10.4; x86_64; ; )

Hi Mike,

I'm writing a blog post about web of trust. I'm looking for any weaknesses I 
can find in it because I'm writing a piece of software that would be designed 
to help grow it. I'd appreciate if you could give me a few points that I can 
research. I'd be happy to send you my findings so far if you want to read them. 
This is a fairly important subject because many people rely upon it for 
software signing, encrypted e-mail, and soon we could use it much more widely.

I've read the previous thread about web of trust (tor-talk 2010 December) but 
didn't find it to be particularly relevant.

Regards,
Javantea
0x1954fed2

On Friday 27 September 2013 14:18:17 Mike Perry wrote:
> Hi everyone,
> 
> I've finally made a new GPG key (after a scant 7 years!).
> 
> This new key will be used to sign email from me going forward, and will
> be used to sign software releases until such time as I get around to
> creating a second set of keys on a hardware token for that purpose.
> 
> While I dislike the Web of Trust for a number of reasons*, my plan is to
> cross-certify these two sets of new keys, and also sign both with my old
> key. Hence I will not immediately be issuing a revocation for my old
> key.
> 
> The new key is attached, and is available on the keyservers (with a
> signature from my old key) at:
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x29846B3C683686CC
> 
> Here's the fingerprint and current subkey information for reference:
> pub   8192R/29846B3C683686CC 2013-09-11
>       Key fingerprint = C963 C21D 6356 4E2B 10BB  335B 2984 6B3C 6836 86CC
> uid                          Mike Perry (Regular use key)
> <mikeperry@xxxxxxxxxxxxxx> sub   4096R/717F1F130E3A92E4 2013-09-11
> [expires: 2014-09-11]
> sub   4096R/A3BD8153BC40FFA0 2013-09-11 [expires: 2014-09-11]
> 
> 
> This message should also be signed by my previous key, which was used
> extensively to sign my email and my source code releases prior to today.
> 
> 
> * Ensuing flamewars about the Web of Trust should reply only to tor-talk.

Attachment: signature.asc
Description: This is a digitally signed message part.

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] New GPG key for Mike Perry
  - From: Mike Perry

Prev by Author: Re: [tor-talk] panopticlick data
Next by Author: [tor-talk] Atlas
Previous by thread: Re: [tor-talk] Web of Trust, gpg vs OTR - was: Re: New GPG key for Mike Perry
Next by thread: [tor-talk] Can't log in
Index(es):
- Author
- Thread