|
Home > Archive > Debian Developers > October 2004 > AMD64 Archive Key compromised!
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
AMD64 Archive Key compromised!
|
|
| Adam Majer 2004-10-28, 5:52 pm |
| Matthew Garrett wrote:
>Developers, do not allow
>
>http://www.google.com/search?q=inurl%3Asecring.gpg
>
>to happen to you.
>
>
>
Yeah.
debian-amd64.alioth.debian.org/pure64/wanna-build/secring.gpg
<http://debian-amd64.alioth.debian.o...ild/secring.gpg>
is Forbidden, but
ftp.belnet.be/linux/debian-amd64/wanna-build/secring.gpg
<http://ftp.belnet.be/linux/debian-a...ild/secring.gpg>
ftp.belnet.be/pub/mirror/debian-amd64.alioth.debian.org/wanna-build/secring.gpg
<http://ftp.belnet.be/pub/mirror/deb...ild/secring.gpg>
are wide open.
So, with no further delay, here's the revocation certificate for the
AMD64 archive key!
Man, people had secret keys on broken in machines and those were removed
from the archive. But to have a secring.gpg on Google?
I also took the liberty to send this revocation certificate to
keyring.debian.org
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: A revocation certificate should follow
iGYEIBECACYFAkGBKG4fHQJzZWNyaW5nLmdwZyBm
b3VuZCBvbiBHb29nbGUhIQAK
CRCVXxufOIK6/ GbFAJ4yTldjZzm015upfsAcKwNoFf5y8wCdHRGIT
dO2XRWnbZy+
3q7JMAf9CI4=
=rMmn
-----END PGP PUBLIC KEY BLOCK-----
--
Building your applications one byte at a time
http://www.galacticasoftware.com
--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
| |
| Jens Schmalzing 2004-10-29, 2:49 am |
| Hi,
Adam Majer writes:
> But to have a secring.gpg on Google?
I guess this is the modern version of "real men just upload their
important stuff on ftp, and let the rest of the world mirror it."
Regards, Jens.
--=20
J'qbpbe, le m'en fquz pe j'qbpbe!
Le veux aimeb et mqubib panz je p=E9zqbpbe je djuz tqtaj!
| |
| Francesco P. Lovergine 2004-10-29, 7:48 am |
| On Fri, Oct 29, 2004 at 08:52:07AM +0200, Jens Schmalzing wrote:
>
> I guess this is the modern version of "real men just upload their
> important stuff on ftp, and let the rest of the world mirror it."
>
RMS used to have no password at MIT times, indeed 
How times changed!
--
Francesco P. Lovergine
--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
|
|
|
|
|