Circa 2002-12-19 10:31:51 -0500 dixit John Dalbec:
: I noticed that the exim-4.12 tarballs have been signed. Whose public
: key was used and where do I get it?
: Thanks,
: John Dalbec
These are the keys i have listed for Philip:
$ gpg --list-keys --fingerprint --verbose 'Philip Hazel'
pub 2048R/FB0F43D8 2002-10-21 Philip Hazel <ph10@???>
Key fingerprint = 45F6 8D54 BBE2 3FB3 039B 46E5 9766 E084 FB0F 43D8
sig FB0F43D8 2002-10-21 Philip Hazel <ph10@???>
sig 84C71B6E 2002-10-31 Tony Finch <dot@???>
sub 2048R/ECFA4A69 2002-10-21
sig FB0F43D8 2002-10-21 Philip Hazel <ph10@???>
$
One of the key IDs corresponds to the one Philip announced at the end
of October:
: From: Philip Hazel <ph10@???>
: To: exim-users@???
: Message-ID: <Pine.SOL.4.44.0210311246400.18005-100000@???>
: Subject: [Exim] Snapshot for GnuTLS testing
: Date: Thu, 31 Oct 2002 12:48:37 +0000 (GMT)
:
: [...]
: I have now equipped myself with GnuPG, and so I have signed the
: snapshot. I would like people to confirm whether I have done this
: correctly. You won't be able to trust the signature because my key
: has not been signed by anybody else, though I can offer (below) a
: signed letter from Ross Anderson, confirming that my GPG key
: fingerprint is as follows:
:
: pub 2048R/FB0F43D8 2002-10-21 Philip Hazel <ph10@???>
: Key fingerprint = 45F6 8D54 BBE2 3FB3 039B 46E5 9766 E084 FB0F 43D8
: uid Philip Hazel <ph10@???>
The weird thing is that it was listed on the keyserver under a
different ID. Perhaps the keyservers don't grok 2048-bit RSA keys
properly?
--
jim knoble | jmknoble@??? |
http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
"I am non-refutable." --Enik the Altrusian
