subject:"\[issue36191\] pubkeys.txt contains bogus keys"

[issue36191] pubkeys.txt contains bogus keys

2019-09-12 Thread Ned Deily



Ned Deily  added the comment:

(See later discussion and resolution in Issue37967.)

--
nosy: +ned.deily

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36191] pubkeys.txt contains bogus keys

2019-03-06 Thread Joannah Nanjekye



Change by Joannah Nanjekye :


--
stage:  -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36191] pubkeys.txt contains bogus keys

2019-03-06 Thread Joannah Nanjekye



Joannah Nanjekye  added the comment:

Agreed @xtreak, I have moved this issue to the respective Github repository 
https://github.com/python/pythondotorg/issues/1395 .

I will close this issue.

--
nosy: +nanjekyejoannah

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36191] pubkeys.txt contains bogus keys

2019-03-05 Thread Peter Otten



Change by Peter Otten <__pete...@web.de>:


--
nosy: +peter.otten

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36191] pubkeys.txt contains bogus keys

2019-03-05 Thread Karthikeyan Singaravelan



Karthikeyan Singaravelan  added the comment:

Thanks for the report but the tracker deals with bugs in CPython. python.org 
website has a Github repo and I think this can be reported at 
https://github.com/python/pythondotorg where it could get a better resolution. 
I would propose closing it as third party.

--
nosy: +xtreak

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36191] pubkeys.txt contains bogus keys

2019-03-04 Thread Thomas Jollans



New submission from Thomas Jollans :

The file https://www.python.org/static/files/pubkeys.txt contains some bogus 
GPG keys with 32-bit key IDs identical to actual release manager key IDs. (see 
below) I imagine these slipped in by accident and may have been created by 
someone trying to make a point. (see also: https://evil32.com/)

This is obviously not a serious security concern, but it would be a better look 
if the file contained only the real keys, and if 
https://www.python.org/downloads/ listed fingerprints.

Pointed out by Peter Otten on python-list. 
https://mail.python.org/pipermail/python-list/2019-March/739788.html

These are the obvious fake keys included: 

pub:-:1024:1:2056FF2E487034E5:1137310238:::-:
fpr:BA749AC731BE5A28A65446C02056FF2E487034E5:
uid:Totally Legit Signing Key :
pub:-:1024:1:C2E8D739F73C700D:1245930666:::-:
fpr:7F54F95AC61EE1465CFE7A1FC2E8D739F73C700D:
uid:Totally Legit Signing Key :
pub:-:1024:1:FABF4E7B6F5E1540:1512586955:::-:
fpr:FD01BA54AE5D9B9C468E65E3FABF4E7B6F5E1540:
uid:Totally Legit Signing Key :
pub:-:1024:1:0E93AA73AA65421D:1202230939:::-:
fpr:41A239476ABD6CBA8FC8FCA90E93AA73AA65421D:
uid:Totally Legit Signing Key :
pub:-:1024:1:79B457E4E6DF025C:1357547701:::-:
fpr:9EB49DC166F6400EF5DA53F579B457E4E6DF025C:
uid:Totally Legit Signing Key :
pub:-:1024:1:FEA3DC6DEA5BBD71:1432286066:::-:
fpr:801BD5AE93D392E22DDC6C7AFEA3DC6DEA5BBD71:
uid:Totally Legit Signing Key :
pub:-:1024:1:236A434AA74B06BF:1366844479:::-:
fpr:B43A1F9EDE867FE48AD1D718236A434AA74B06BF:
uid:Totally Legit Signing Key :
pub:-:1024:1:F5F4351EA4135B38:1250910569:::-:
fpr:4F3B83264BC0C99EDADBF91FF5F4351EA4135B38:
uid:Totally Legit Signing Key :
pub:-:1024:1:D84E17F918ADD4FF:1484232656:::-:
fpr:3A3E83C9DB23EF8B5E5DADBED84E17F918ADD4FF:
uid:Totally Legit Signing Key :
pub:-:1024:1:876CCCE17D9DC8D2:1164804081:::-:
fpr:C1FCAEABC21C54C03120EF6A876CCCE17D9DC8D2:
uid:Totally Legit Signing Key :
pub:-:1024:1:0F7232D036580288:1140898452:::-:
fpr:12FF24C7BCEE1AE82EC38B3A0F7232D036580288:
uid:Totally Legit Signing Key :
pub:-:1024:1:27801D7E6A45C816:1287310846:::-:
fpr:8CA98EEE6FE14D11DF37694927801D7E6A45C816:
uid:Totally Legit Signing Key :

--
assignee: docs@python
components: Documentation
messages: 337156
nosy: docs@python, tjollans
priority: normal
severity: normal
status: open
title: pubkeys.txt contains bogus keys
type: enhancement
versions: Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36191] pubkeys.txt contains bogus keys

[issue36191] pubkeys.txt contains bogus keys

[issue36191] pubkeys.txt contains bogus keys

[issue36191] pubkeys.txt contains bogus keys

[issue36191] pubkeys.txt contains bogus keys

[issue36191] pubkeys.txt contains bogus keys

6 matches

Site Navigation

Mail list logo

Footer information