[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
mysterious PGP release-signing keys
-----BEGIN PGP SIGNED MESSAGE-----
Please excuse the crosspost, but does anyone know *who* generated and/or
owns these keys?
0xC8501551 Verify Key for http://www.arc.unm.edu/~drosoff/*
0xAA9AE13F Verify PGP 6.0.2 PP - RSA
0x772B7382 VERIFY <[email protected]>
They seem to be used for signing/verifying PGP releases (e.g. the 602 by CKT
at Replay), but there's nothing on the keys that identifies the responsible
engineer who compiled the source, nor do some of them seem to be certified
by anyone in the WoT. Questions have been raised about the authenticity and
security of those compiles and these keys.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2
Comment: Get interested in computers -- they're interested in YOU!
-----END PGP SIGNATURE-----