[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

mysterious PGP release-signing keys

To: [email protected], [email protected], [email protected], [email protected]
Subject: mysterious PGP release-signing keys
From: Dave Del Torto <[email protected]>
Date: Sun, 20 Dec 1998 14:09:45 -0800
Cc: Philip Zimmermann <[email protected]>, St�le Schumacher <[email protected]>, Alex de Joode <[email protected]>
Sender: [email protected]


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Please excuse the crosspost, but does anyone know *who* generated and/or
owns these keys?

 0xBB1EEF1B Verify
 0xC8501551 Verify Key for http://www.arc.unm.edu/~drosoff/*
 0xAA9AE13F Verify PGP 6.0.2 PP - RSA
 0x772B7382 VERIFY <[email protected]>

They seem to be used for signing/verifying PGP releases (e.g. the 602 by CKT
at Replay), but there's nothing on the keys that identifies the responsible
engineer who compiled the source, nor do some of them seem to be certified
by anyone in the WoT. Questions have been raised about the authenticity and
security of those compiles and these keys.

   dave


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2
Comment: Get interested in computers -- they're interested in YOU!

iQA/AwUBNn11mJBN/qMowCmvEQI4IwCfad0S9Algw7PPDsgWChimC4Cx6dcAnjtu
h2trwMi08tJMCD76W6W8DP/L
=TFuT
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: mysterious PGP release-signing keys
  - From: Alex Alten <[email protected]>

Prev by Date: Felices Fiestas
Next by Date: politically correct bomb graffiti
Prev by thread: Felices Fiestas
Next by thread: Re: mysterious PGP release-signing keys
Index(es):
- Date
- Thread