Package: debian-keyring Version: 2018.11.25 Severity: normal File: /usr/share/keyrings/debian-role-keys.gpg Tags: security X-Debbugs-CC: secur...@debian.org
I noticed that debian-role-keys.gpg contains two keys for the Debian Security Team, one of which is expired and obsolete (based on the security FAQ on the website). Presumably the obsolete key should be removed from the Debian role keyring. $ gpg --no-default-keyring --keyring /usr/share/keyrings/debian-role-keys.gpg --list-key secur...@debian.org Keyring: /usr/share/keyrings/debian-role-keys.gpg ------------------------------------------------- pub rsa4096/0x2702CAEB90F8EEC5 2012-09-12 [SC] [expired: 2015-09-12] Key fingerprint = BACB 4B5C 30AC 38F3 19EE 961E 2702 CAEB 90F8 EEC5 uid [ expired] Debian Security Team <secur...@debian.org> uid [ expired] Debian Security Team <t...@security.debian.org> uid [ expired] Debian Security Team <debian-security-priv...@lists.debian.org> sub rsa4096/0x2FDE22ACA225CF28 2012-09-12 [E] [expired: 2015-09-12] Key fingerprint = 8368 CE16 564D 83C7 5049 F9E4 2FDE 22AC A225 CF28 Keyring: /usr/share/keyrings/debian-role-keys.gpg ------------------------------------------------- pub rsa4096/0x6BAF400B05C3E651 2015-01-18 [SC] [expires: 2020-01-17] Key fingerprint = 0D59 D2B1 5144 766A 14D2 41C6 6BAF 400B 05C3 E651 uid [ unknown] Debian Security Team <secur...@debian.org> uid [ unknown] Debian Security Team <t...@security.debian.org> sub rsa4096/0x0DD8C0E40F39FB17 2015-01-18 [E] [expires: 2020-01-17] Key fingerprint = 0730 18F7 B3AF 12F8 D28A 7063 0DD8 C0E4 0F39 FB17 $ w3m -dump https://www.debian.org/security/faq#contact | grep -A2 'key ID' If desired, email can be encrypted with the Debian Security Contact key (key ID 0x0D59D2B15144766A14D241C66BAF400B05C3E651). For the PGP/GPG keys of individual team members, please refer to the keyring.debian.org keyserver. -- System Information: Debian Release: buster/sid APT prefers testing-debug APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled debian-keyring depends on no packages. Versions of packages debian-keyring recommends: ii gnupg 2.2.12-1 debian-keyring suggests no packages. -- no debconf information -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part