Am 13.01.2011 19:47, schrieb Todd Zullinger: > Hi Karsten, > > Karsten Hopp wrote: >> According to https://fedoraproject.org/wiki/Create_release_signing_key#fedoraproject.org >> I need to send the attached key to this address. >> I've also asked Jesse Keating and Dennis Gilmore to add the key to >> the fedora-release git repository, that still needs to be done. >> (Btw, the URL above still points to a CVS repository, that should be >> changed to the git repo) >> >> If there are any questions you can find me as either karsten_ or >> Kick_ in #fedora-devel on freenode IRC >> >> Thanks >> Karsten Hopp (s390x secondary arch maintainer) > >> pub 1024D/FDB36B03 2010-12-23 Fedora (14-s390x)<fedora@xxxxxxxxxxxxxxxxx> >> sub 2048g/E363096B 2010-12-23 > > Just wanted to reply and verify this, in case someone spoofed your > address (since this request wasn't signed with the GPG key on record > for your Fedora account ;). > > Also, any reason why the key has an encryption subkey? The newer > fedora releases use a larger RSA key, signing only. I'm guessing 1024 > DSA with a 2048 Elgamal is just because it's the default in older > versions of GPG? > No, the request really came from me. But thanks for checking instead of blindly adding a potential dangerous key to the official list ! I have no idea how I ended ub with a sub-key. I've followed the guide (1) to set up a signing server with sigul and let sigul create the key instead of running gpg manually. (1) http://fedoraproject.org/wiki/Create_release_signing_key Karsten -- websites mailing list websites@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/websites
