commit 9db0e47474c387faa5ec3b0fe8d18a6f256eceac Author: traumschule <traumschulerie...@riseup.net> Date: Fri Sep 14 19:02:16 2018 +0200
Update subkey fingerprints and signing keys page (#27698, #27702) --- docs/en/update_signing-keys.pl | 120 +++++++++++++++++++++++++++------------ docs/en/verifying-signatures.wml | 16 +++--- include/keys.wmi | 55 ++++++++++++++---- include/subkey_fingerprints.wmi | 3 - 4 files changed, 136 insertions(+), 58 deletions(-) diff --git a/docs/en/update_signing-keys.pl b/docs/en/update_signing-keys.pl index db7ce738..5cdc1006 100755 --- a/docs/en/update_signing-keys.pl +++ b/docs/en/update_signing-keys.pl @@ -2,8 +2,10 @@ use strict; use warnings; +# This script automatically updates the .wmi file with gpg as per: my $keysfile = "include/keys.txt"; my $wmifile = 'include/keys.wmi'; +my $fpfile = 'include/subkey_fingerprints.wmi'; my $forcekeyupdates = 0; my $skipkeyupdates = 0; @@ -21,7 +23,7 @@ open my $kf, '<', "$keysfile" # read keys my %sections; # project => key owners my %owners; # key owner => string with all keys -my @projects; # save sections in order of appearance +my @apps; # save sections in order of appearance my $section; foreach (<$kf>) { # filters comment and empty lines @@ -31,7 +33,7 @@ foreach (<$kf>) { } elsif (/^\[(.+)\]$/) { $section = "$1"; $sections{"$section"} = (); - push (@projects, $section); + push (@apps, $section); # key owner with list of key id(s) } elsif (/^([^:]+):(.+)$/) { my $owner = "$1"; @@ -43,7 +45,7 @@ foreach (<$kf>) { } close $kf; my @owners = keys %owners; -print "Loaded $keysfile. Found $#owners key owners in $#projects projects.\n"; +print "Loaded $keysfile. Found $#owners key owners for $#apps applications.\n"; # If the keysfile did not change since the last run, we will not update them. # To update all keys anyway, set $forcekeyupdates = 1 above, or comment: @@ -51,38 +53,36 @@ if (-f $wmifile && qx/[ $wmifile -nt $keysfile ]/) { $forcekeyupdates or $skipkeyupdates++; } -open my $out, '>', "$wmifile" - or die "Could not write to $wmifile; $!\n"; -print $out "#!/usr/bin/env wml\n<p> -This page is automatically generated from -<a href='/include/keys.txt'>keys.txt</a>. -The signing keys we use are:\n</p>\n<ul>\n"; +my $buffer = ''; # project overview string my %fingerprints; -foreach my $project (@projects) { - my $owners = ''; - my $suf = 's'; - my @keysinproject; +foreach my $app (@apps) { + print "\nUpdating keys for '$app':\n"; + my ($keys, $subkey_fingerprints, $owners, $suf) = ('', '', '', 's'); + my @keysforapp; # we grab the key owners for each project and iterate over their keys - foreach my $owner (@{$sections{"$project"}}) { # iterate over owners + foreach my $owner (@{$sections{"$app"}}) { # iterate over owners my $keys = $owners{"$owner"}; # example for $keys: 0x165733EA, 0x8D29319A(signing key) - my $inbrackets = ''; + my ($inbrackets, $inbrackets_html) = ('', ''); $suf = '' if ($owners ne ''); my @keys = split (',', $keys); foreach my $key (@keys) { # iterate over keys # validate key format. all regexp are beautiful. if ($key =~ /^\s?(0x[^\(]+)(\(([^\)]+)\))?/) { my $key = $1; - push (@keysinproject, $key); + my $keylink = "<a href='https://pgp.mit.edu/pks/lookup?search=$key&op=vindex&exact=on'>$key</a>"; + push (@keysforapp, $key); # named alternative key if ($2) { $inbrackets .= " with its $3 $key"; # first key } elsif ($inbrackets eq '') { $inbrackets = "$key"; + $inbrackets_html = "$keylink"; # second key } else { - $inbrackets .= " and $key"; + $inbrackets = " and $key"; + $inbrackets_html .= " and $keylink"; } } else { # tell if the format is wrong print "Unrecognized key format: $key\n"; @@ -90,31 +90,81 @@ foreach my $project (@projects) { } my $sep = ($owners eq '') ? '' : ', '; # Add owner to the list - $owners .= "$sep$owner ($inbrackets)"; - print " - $owner ($inbrackets) [$project]\n"; + $owners .= "$sep$owner ($inbrackets_html)"; + print " - $owner ($inbrackets)\n"; } - if ($project eq 'other') { - print $out "<li>Other developers include $owners.</li>\n"; + if ($app eq 'other') { + $buffer .= "<li>Other developers include $owners.</li>\n"; } else { - $suf = 'ed' if ($project =~ /older/); - print $out "<li>$owners sign$suf <strong>$project</strong></li>\n"; + $suf = 'ed' if ($app =~ /older/); + $buffer .= "<li>$owners sign$suf <strong>$app</strong></li>\n"; } - foreach my $key (@keysinproject) { - # update keys form keyserver pool + + # we update collected keys for this application and create a string of them + my $gpgcmd = "gpg --keyid-format 0xlong --fingerprint --with-subkey-fingerprints"; + foreach my $key (@keysforapp) { + # update keys if ($forcekeyupdates or not $skipkeyupdates) { - print "Fetching $key from keyserver:\n"; - qx/gpg --recv-key $key/ or die "Failed to fetch $key; + print "\nFetching $key\n"; + my $gpgresult; + do { $gpgresult = system "gpg --recv-key $key"; sleep 1; } + while ($gpgresult != 0); } + + # add output to key string + my $str = qx/$gpgcmd $key/; + # replace html codes + $str =~ s/</</g; $str =~ s/>/>/g; $str =~ s/@/#/g; $str =~ s/@/&at;/g; + $keys .= "$str"; + } + # save formatted string for project + $fingerprints{"$app"} = "<pre>\n$keys</pre>\n"; + + if ($app eq "Tor Browser releases") { + my $owner = "The Tor Browser Developers"; + die "Did not findTor Browser signing key.\n" if ($owners{$owner} eq ''); + # save Tor Browser signing key subkey fingerprints to $fpfile + my @fp = qx/$gpgcmd $owners{$owner}|grep "Key fingerprint"/; + shift @fp; # remove primary key fingerprint + $subkey_fingerprints .= join ('', map { s/^\s+Key fingerprint = //; "$_" } @fp); + if (open my $fpout, '>', "$fpfile.temp") { + print $fpout "#!/usr/bin/env wml\n$subkey_fingerprints"; + close $fpout; + # check that the written file is not empty + my $written_lines = qx/wc -l "$fpfile.temp"|wc -l/; + if ($written_lines gt 0) { + rename "$fpfile.temp", "$fpfile" and + print "\nWrote following subkey fingerprints to $fpfile:\n$subkey_fingerprints" + or die "Could not overwrite $fpfile: $!\n"; + } else { die "Created $fpfile.temp but it is empty.\n"; } + } else { die "Could not create temporary file $fpfile.temp.\n"; } } - # save gpg output for later - my $str = qx/gpg --list-keys --keyid-format 0xlong --with-fingerprint $keyids/; - $str =~ s/</</g; $str =~ s/>/>/g; $str =~ s/@/#/g; # replace html codes - $fingerprints{"$project"} = "<pre>\n$str</pre>\n"; } +my @date = localtime; +my $date = "$date[4]/$date[5]"; # Month/Year # print keys for each project to file -print $out "</ul>\n<h2>Fingerprints</h2>\n<p>The fingerprints for the keys are:</p>\n"; -foreach my $project (@projects) { - print $out "<h3>$project</h3>\n". $fingerprints{"$project"}; +open my $html, '>', "$wmifile" + or die "Could not write to $wmifile; $!\n"; + +print $html "#!/usr/bin/env wml +<p> +This page was automatically generated page from +<a href='/include/keys.txt'>this file listing the gpg keys of our release teams</a>. +To learn how to verify signatures, see <a href=\"<page docs/signing-keys>\"> +our manual</a>. +</p> +<p> +As of $date the signing keys we use are: +</p> + +<ul> +$buffer +</ul> +<h2>Fingerprints</h2>\n<p>The fingerprints for the keys are:</p>\n"; + +foreach my $app (@apps) { + print $html "<h3>$app</h3>\n". $fingerprints{"$app"}; } -close $out; print "Wrote $wmifile.\n"; exit 0; +close $html; +print "\nWrote $wmifile.\n"; diff --git a/docs/en/verifying-signatures.wml b/docs/en/verifying-signatures.wml index 3fd24f28..d131e084 100644 --- a/docs/en/verifying-signatures.wml +++ b/docs/en/verifying-signatures.wml @@ -109,7 +109,7 @@ <pre> pub rsa4096/0x4E2C6E8793298290 2014-12-15 [C] [expires: 2020-08-24] Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 -uid [ unknown] Tor Browser Developers (signing key) <torbrow...@torproject.org> +uid [ unknown] Tor Browser Developers (signing key) <torbrowser&at;torproject.org> sub rsa4096/0xD1483FA6C3C07136 2016-08-24 [S] [expires: 2018-08-24] Key fingerprint = A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136 sub rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12] @@ -125,15 +125,15 @@ sub rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12] gpg: assuming signed data in 'torbrowser-install-<version-torbrowserbundle>_en-US.exe' gpg: Signature made Wed 15 Nov 2017 05:52:38 PM CET gpg: using RSA key 0xD1483FA6C3C07136 -gpg: Good signature from "Tor Browser Developers (signing key) <torbrow...@torproject.org>" [unknown] +gpg: Good signature from "Tor Browser Developers (signing key) <torbrowser&at;torproject.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 Subkey fingerprint: A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136 - <p>Currently valid subkey fingerprints are: + <p>Currently valid subkey fingerprints are:</p> <pre> #include "subkey_fingerprints.wmi" TITLE="Tor Project: Subkey Fingerprints" CHARSET="UTF-8" - </pre></p> + </pre> <p> Notice that there is a warning because you haven't assigned a trust index to this person. This means that GnuPG verified that the key made @@ -168,7 +168,7 @@ Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 <pre> pub rsa4096/0x4E2C6E8793298290 2014-12-15 [C] [expires: 2020-08-24] Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 -uid [ unknown] Tor Browser Developers (signing key) <torbrow...@torproject.org> +uid [ unknown] Tor Browser Developers (signing key) <torbrowser&at;torproject.org> sub rsa4096/0xD1483FA6C3C07136 2016-08-24 [S] [expires: 2018-08-24] Key fingerprint = A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136 sub rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12] @@ -190,16 +190,16 @@ sub rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12] gpg: assuming signed data in 'tor-browser-linux64-<version-torbrowserbundlelinux64>_en-US.tar.xz' gpg: Signature made Wed 15 Nov 2017 05:52:38 PM CET gpg: using RSA key 0xD1483FA6C3C07136 -gpg: Good signature from "Tor Browser Developers (signing key) <torbrow...@torproject.org>" [unknown] +gpg: Good signature from "Tor Browser Developers (signing key) <torbrowser&at;torproject.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 Subkey fingerprint: A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136 </pre> - <p> Currently valid subkey fingerprints are: + <p>Currently valid subkey fingerprints are:</p> <pre> #include "subkey_fingerprints.wmi" TITLE="Tor Project: Subkey Fingerprints" CHARSET="UTF-8" - </pre></p> + </pre> <p> Notice that there is a warning because you haven't assigned a trust index to this person. This means that GnuPG verified that the key made diff --git a/include/keys.wmi b/include/keys.wmi index 1ba50734..f68197ed 100644 --- a/include/keys.wmi +++ b/include/keys.wmi @@ -1,20 +1,25 @@ #!/usr/bin/env wml <p> -This page is automatically generated from -<a href='/include/keys.txt'>keys.txt</a>. -The signing keys we use are: +This page was automatically generated page from +<a href='/include/keys.txt'>this file listing the gpg keys of our release teams</a>. +To learn how to verify signatures, see <a href="<page docs/signing-keys>"> +our manual</a>. +</p> +<p> +As of 8/118 the signing keys we use are: </p> <ul> -<li>The Tor Browser Developers (0x4E2C6E8793298290), Mike Perry (0x29846B3C683686CC), Georg Koppen (0xD1483FA6C3C07136), Nicolas Vigier (0xE5B81856D0220E4B), Arthur Edelstein (0xD752F538C0D38C3A) sign <strong>Tor Browser releases</strong></li> -<li>Roger Dingledine (0x28988BF5 and 0x19F78451), Nick Mathewson (0x165733EA with its signing key 0x8D29319A) sign <strong>Tor source tarballs</strong></li> -<li>Nick Mathewson (0x165733EA with its signing key 0x8D29319A) signed <strong>older Tor tarballs</strong></li> -<li>Tor Project Archive (0xEE8CBC9E886DDD89) signs <strong>deb.torproject.org repositories and archives</strong></li> -<li>Damian Johnson (0x9ABBEEC6) signs <strong>Arm releases</strong></li> -<li>The Tails team (0xDBB802B258ACD84F) signs <strong>Tails live system releases</strong></li> -<li>David Goulet (0x42E86A2A11F48D36) signs <strong>Torsocks releases</strong></li> -<li>Sukhbir Singh (0xB01C8B006DA77FAA) signs <strong>TorBirdy releases</strong></li> -<li>Other developers include Peter Palfrader (0x62AF4031C82E0039).</li> +<li>The Tor Browser Developers (<a href='https://pgp.mit.edu/pks/lookup?search=0x4E2C6E8793298290&op=vindex&exact=on'>0x4E2C6E8793298290</a>), Mike Perry (<a href='https://pgp.mit.edu/pks/lookup?search=0x29846B3C683686CC&op=vindex&exact=on'>0x29846B3C683686CC</a>), Georg Koppen (<a href='https://pgp.mit.edu/pks/lookup?search=0xD1483FA6C3C07136&op=vindex&exact=on'>0xD1483FA6C3C07136</a>), Nicolas Vigier (<a href='https://pgp.mit.edu/pks/lookup?search=0xE5B81856D0220E4B&op=vindex&exact=on'>0xE5B81856D0220E4B</a>), Arthur Edelstein (<a href='https://pgp.mit.edu/pks/lookup?search=0xD752F538C0D38C3A&op=vindex&exact=on'>0xD752F538C0D38C3A</a>) sign <strong>Tor Browser releases</strong></li> +<li>Roger Dingledine (<a href='https://pgp.mit.edu/pks/lookup?search=0x28988BF5&op=vindex&exact=on'>0x28988BF5</a> and <a href='https://pgp.mit.edu/pks/lookup?search=0x19F78451&op=vindex&exact=on'>0x19F78451</a>), Nick Mathewson (<a href='https://pgp.mit.edu/pks/lookup?search=0x165733EA&op=vindex&exact=on'>0x165733EA</a>) sign <strong>Tor source tarballs</strong></li> +<li>Nick Mathewson (<a href='https://pgp.mit.edu/pks/lookup?search=0x165733EA&op=vindex&exact=on'>0x165733EA</a>) signed <strong>older Tor tarballs</strong></li> +<li>Tor Project Archive (<a href='https://pgp.mit.edu/pks/lookup?search=0xEE8CBC9E886DDD89&op=vindex&exact=on'>0xEE8CBC9E886DDD89</a>) signs <strong>deb.torproject.org repositories and archives</strong></li> +<li>Damian Johnson (<a href='https://pgp.mit.edu/pks/lookup?search=0x9ABBEEC6&op=vindex&exact=on'>0x9ABBEEC6</a>) signs <strong>Arm releases</strong></li> +<li>The Tails team (<a href='https://pgp.mit.edu/pks/lookup?search=0xDBB802B258ACD84F&op=vindex&exact=on'>0xDBB802B258ACD84F</a>) signs <strong>Tails live system releases</strong></li> +<li>David Goulet (<a href='https://pgp.mit.edu/pks/lookup?search=0x42E86A2A11F48D36&op=vindex&exact=on'>0x42E86A2A11F48D36</a>) signs <strong>Torsocks releases</strong></li> +<li>Sukhbir Singh (<a href='https://pgp.mit.edu/pks/lookup?search=0xB01C8B006DA77FAA&op=vindex&exact=on'>0xB01C8B006DA77FAA</a>) signs <strong>TorBirdy releases</strong></li> +<li>Other developers include Peter Palfrader (<a href='https://pgp.mit.edu/pks/lookup?search=0x62AF4031C82E0039&op=vindex&exact=on'>0x62AF4031C82E0039</a>).</li> + </ul> <h2>Fingerprints</h2> <p>The fingerprints for the keys are:</p> @@ -24,6 +29,7 @@ pub rsa4096/0x4E2C6E8793298290 2014-12-15 [C] [expires: 2020-08-24] Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 uid [ unknown] Tor Browser Developers (signing key) <torbrowser#torproject.org> sub rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12] + Key fingerprint = 1107 75B5 D101 FB36 BC6C 911B EB77 4491 D9FF 06E2 pub rsa8192/0x29846B3C683686CC 2013-09-11 [SC] Key fingerprint = C963 C21D 6356 4E2B 10BB 335B 2984 6B3C 6836 86CC @@ -32,12 +38,15 @@ uid [ unknown] Mike Perry <mikeperry#unencrypted.info> uid [ unknown] Mike Perry (Regular use key) <mikeperry#fscked.org> uid [ unknown] Mike Perry (Regular use key) <mikeperry#torproject.org> sub rsa4096/0x004AD1045BA0FE28 2017-10-31 [S] [expires: 2018-10-31] + Key fingerprint = 7AB6 A050 C544 CB16 60A9 F1E9 004A D104 5BA0 FE28 sub rsa4096/0xEEC50E9938F9F4E9 2017-10-31 [E] [expires: 2018-10-31] + Key fingerprint = B403 E911 BA38 63DB ED82 C57C EEC5 0E99 38F9 F4E9 pub rsa4096/0x4E2C6E8793298290 2014-12-15 [C] [expires: 2020-08-24] Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 uid [ unknown] Tor Browser Developers (signing key) <torbrowser#torproject.org> sub rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12] + Key fingerprint = 1107 75B5 D101 FB36 BC6C 911B EB77 4491 D9FF 06E2 pub rsa4096/0xE5B81856D0220E4B 2014-03-19 [SC] Key fingerprint = 4A90 646C 0BAE D9D4 56AB 3111 E5B8 1856 D022 0E4B @@ -47,6 +56,7 @@ pub rsa2048/0xD752F538C0D38C3A 2014-12-10 [SC] Key fingerprint = 20B2 4CEF E6AF D615 0B6A 6F18 D752 F538 C0D3 8C3A uid [ unknown] Arthur Edelstein <arthuredelstein#gmail.com> sub rsa2048/0x3306E88D27211E0B 2014-12-10 [E] + Key fingerprint = 78BB DCF7 187D F8E7 F832 DD29 3306 E88D 2721 1E0B </pre> <h3>Tor source tarballs</h3> @@ -55,6 +65,7 @@ pub dsa1024/0xEB5A896A28988BF5 2000-02-27 [SCA] Key fingerprint = B117 2656 DFF9 83C3 042B C699 EB5A 896A 2898 8BF5 uid [ unknown] Roger Dingledine <arma#mit.edu> sub elg2048/0x147FF421788AFDCE 2000-02-27 [E] + Key fingerprint = 08E6 A5BD CF81 D0A3 1BDE 9474 147F F421 788A FDCE pub rsa1024/0x9C01813428988BF5 2014-06-16 [SCEA] [revoked: 2016-08-16] Key fingerprint = 2629 5471 A26A B9F9 6C0C 45BB 9C01 8134 2898 8BF5 @@ -66,6 +77,7 @@ uid [ unknown] Roger Dingledine <arma#mit.edu> uid [ unknown] Roger Dingledine <arma#freehaven.net> uid [ unknown] Roger Dingledine <arma#torproject.org> sub rsa4096/0x1A61312B4600E8BE 2018-06-03 [E] [expires: 2019-06-03] + Key fingerprint = 6C8F F7D9 F789 52A1 8986 52B7 1A61 312B 4600 E8BE pub rsa4096/0x468FAE2919F78451 2014-06-16 [SCEA] [revoked: 2016-08-16] Key fingerprint = 9C95 0D05 FC80 2DFA 79C3 7629 468F AE29 19F7 8451 @@ -82,7 +94,9 @@ uid [ unknown] Nick Mathewson <nickm#wangafu.net> uid [ unknown] Nick Mathewson <nickm#freehaven.net> uid [ unknown] [jpeg image of size 3369] sub rsa3072/0x910397D88D29319A 2004-07-03 [S] + Key fingerprint = EF00 F369 1387 FCC5 8CD6 8E13 9103 97D8 8D29 319A sub rsa3072/0xD2CA27F3F25B8E5E 2004-07-03 [E] + Key fingerprint = 11F2 E464 48C8 0F44 8F64 FC54 D2CA 27F3 F25B 8E5E pub rsa3072/0x21194EBB165733EA 2004-07-03 [SC] Key fingerprint = B35B F85B F194 89D0 4E28 C33C 2119 4EBB 1657 33EA @@ -91,7 +105,9 @@ uid [ unknown] Nick Mathewson <nickm#wangafu.net> uid [ unknown] Nick Mathewson <nickm#freehaven.net> uid [ unknown] [jpeg image of size 3369] sub rsa3072/0x910397D88D29319A 2004-07-03 [S] + Key fingerprint = EF00 F369 1387 FCC5 8CD6 8E13 9103 97D8 8D29 319A sub rsa3072/0xD2CA27F3F25B8E5E 2004-07-03 [E] + Key fingerprint = 11F2 E464 48C8 0F44 8F64 FC54 D2CA 27F3 F25B 8E5E </pre> <h3>older Tor tarballs</h3> @@ -107,7 +123,9 @@ uid [ unknown] Nick Mathewson <nickm#wangafu.net> uid [ unknown] Nick Mathewson <nickm#freehaven.net> uid [ unknown] [jpeg image of size 3369] sub rsa3072/0x910397D88D29319A 2004-07-03 [S] + Key fingerprint = EF00 F369 1387 FCC5 8CD6 8E13 9103 97D8 8D29 319A sub rsa3072/0xD2CA27F3F25B8E5E 2004-07-03 [E] + Key fingerprint = 11F2 E464 48C8 0F44 8F64 FC54 D2CA 27F3 F25B 8E5E pub rsa3072/0x21194EBB165733EA 2004-07-03 [SC] Key fingerprint = B35B F85B F194 89D0 4E28 C33C 2119 4EBB 1657 33EA @@ -116,7 +134,9 @@ uid [ unknown] Nick Mathewson <nickm#wangafu.net> uid [ unknown] Nick Mathewson <nickm#freehaven.net> uid [ unknown] [jpeg image of size 3369] sub rsa3072/0x910397D88D29319A 2004-07-03 [S] + Key fingerprint = EF00 F369 1387 FCC5 8CD6 8E13 9103 97D8 8D29 319A sub rsa3072/0xD2CA27F3F25B8E5E 2004-07-03 [E] + Key fingerprint = 11F2 E464 48C8 0F44 8F64 FC54 D2CA 27F3 F25B 8E5E </pre> <h3>deb.torproject.org repositories and archives</h3> @@ -125,6 +145,7 @@ pub rsa2048/0xEE8CBC9E886DDD89 2009-09-04 [SC] [expires: 2022-08-05] Key fingerprint = A3C4 F0F9 79CA A22C DBA8 F512 EE8C BC9E 886D DD89 uid [ unknown] deb.torproject.org archive signing key sub rsa2048/0x74A941BA219EC810 2009-09-04 [S] [expires: 2020-11-23] + Key fingerprint = 2265 EB4C B2BF 88D9 00AE 8D1B 74A9 41BA 219E C810 </pre> <h3>Arm releases</h3> @@ -138,7 +159,9 @@ pub dsa1024/0x0445B7AB9ABBEEC6 2009-06-17 [SC] uid [ unknown] Damian Johnson (www.atagar.com) <atagar1#gmail.com> uid [ unknown] Damian Johnson <atagar#torproject.org> sub rsa2048/0x888404C187F30690 2010-08-07 [S] + Key fingerprint = 2AE2 24F5 C424 990A E520 6C85 8884 04C1 87F3 0690 sub elg2048/0x04F1B63D146276B2 2009-06-17 [E] + Key fingerprint = C500 E569 5F09 CB7B AA81 A9CE 04F1 B63D 1462 76B2 </pre> <h3>Tails live system releases</h3> @@ -148,9 +171,13 @@ pub rsa4096/0xDBB802B258ACD84F 2015-01-18 [C] [expires: 2020-01-11] uid [ unknown] Tails developers (offline long-term identity key) <tails#boum.org> uid [ unknown] Tails developers <tails#boum.org> sub ed25519/0x90B2B4BD7AED235F 2017-08-28 [S] [expires: 2020-01-11] + Key fingerprint = CD4D 4351 AFA6 933F 574A 9AFB 90B2 B4BD 7AED 235F sub rsa4096/0xD21DAD38AF281C0B 2017-08-28 [S] [expires: 2020-01-11] + Key fingerprint = 0546 9FB8 5EAD 6589 B43D 41D3 D21D AD38 AF28 1C0B sub rsa4096/0x3020A7A9C2B72733 2017-08-28 [S] [expires: 2020-01-11] + Key fingerprint = 2FAF 9BA0 D65B B371 F0BC 2D46 3020 A7A9 C2B7 2733 sub rsa4096/0xA8B0F4E45B1B50E2 2018-08-30 [S] [expires: 2020-01-11] + Key fingerprint = FE02 9CB4 AAD4 788E 1D78 28E8 A8B0 F4E4 5B1B 50E2 </pre> <h3>Torsocks releases</h3> @@ -161,6 +188,7 @@ uid [ unknown] David Goulet <dgoulet#ev0ke.net> uid [ unknown] David Goulet <dgoulet#riseup.net> uid [ unknown] David Goulet <dgoulet#torproject.org> sub rsa4096/0x2AC6036C93CC198D 2013-09-10 [E] [expires: 2019-08-17] + Key fingerprint = 0451 E51B 33B7 AC38 C57B 09F7 2AC6 036C 93CC 198D </pre> <h3>TorBirdy releases</h3> @@ -170,6 +198,7 @@ pub rsa4096/0xB01C8B006DA77FAA 2016-02-25 [SC] [expires: 2020-02-24] uid [ unknown] Sukhbir Singh <azadi#riseup.net> uid [ unknown] Sukhbir Singh <sukhbir#torproject.org> sub rsa4096/0x1AF20C043D9F9289 2016-02-25 [E] [expires: 2020-02-24] + Key fingerprint = 4403 733D 7141 9BF1 8617 4988 1AF2 0C04 3D9F 9289 </pre> <h3>other</h3> @@ -180,6 +209,8 @@ uid [ unknown] Peter Palfrader uid [ unknown] Peter Palfrader <weasel#debian.org> uid [ unknown] Peter Palfrader <peter#palfrader.org> sub rsa2048/0x8602C8203872331F 2014-05-04 [S] [expires: 2020-09-01] + Key fingerprint = B383 D785 A8C9 2FDE BC06 0376 8602 C820 3872 331F sub rsa2048/0xE377AED938E4E080 2014-05-04 [E] [expires: 2020-09-01] + Key fingerprint = 0BF9 8225 6E85 3044 9E69 D6C7 E377 AED9 38E4 E080 </pre> diff --git a/include/subkey_fingerprints.wmi b/include/subkey_fingerprints.wmi index e556dab2..f113628f 100644 --- a/include/subkey_fingerprints.wmi +++ b/include/subkey_fingerprints.wmi @@ -1,5 +1,2 @@ #!/usr/bin/env wml -5242 013F 02AF C851 B1C7 36B8 7017 ADCE F65C 2036 -BA1E E421 BBB4 5263 180E 1FC7 2E1A C68E D408 14E0 1107 75B5 D101 FB36 BC6C 911B EB77 4491 D9FF 06E2 -A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136 _______________________________________________ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits