On Thu, Apr 18, 2024 at 08:02:09PM +0200, Carlos E. R. wrote: > On 2024-04-18 10:23, Carlos Maiolino wrote: > > Hi, > > I didn't mean to send such email, but more than one person already asked me about it, so, sharing it > > for a broader audience. > > > > > > TL;DR; > > > > I started to use a new key to sign stuff two months ago, if you had any key mismatch problem, update > > your keyring. My apologies for any trouble. > > > > > > == Long Version == > > ... > > > My certify (or master key) is still the same: 4020459E58C1A52511F5399113F703E6C11CF6F0 > > With a new extra subkey added under it: 0C1D891C50A732E0680F7B644675A111E50B5FA6 > > I only wanted to point out that the network of GPG keyservers is broken, > since the attack they suffered a few years back. > > For instance, Thunderbird internal key manager finds your keys ID above, > apparently using "vks://keys.openpgp.org, hkps://keys.mailvelope.com". > > However, kleopatra (Plasma key manager) doesn't (using hkp://keys.gnupg.net > or hkps://hkps.pool.sks-keyservers.net, not clear which). > > > That is, keys are not propagated through all the servers as they were in the > past. You listed several reasons why kernel.org keeps its own repository with maintainers keys :) There are even instructions on how to automatically update the keys based on kernel.org repository: https://korg.docs.kernel.org/pgpkeys.html#automatically-refreshing-keys So, everybody relying on maintainers keys can keep their keyring updated. > > And directly from the kernel.org's database: > > > > pgpkeys $ man gp --with-subkey-fingerprint keys/13F703E6C11CF6F0.asc > > pub ed25519 2022-05-27 [C] > > 4020459E58C1A52511F5399113F703E6C11CF6F0 > > uid Carlos Eduardo Maiolino <carlos@xxxxxxxxxxx> > > uid Carlos Eduardo Maiolino <cmaiolino@xxxxxxxxxx> > > uid Carlos Eduardo Maiolino <cem@xxxxxxxxxx> > > sub ed25519 2022-05-27 [A] > > 36C5DFE1ECA79D1D444FDD904E5621A566959599 > > sub ed25519 2022-05-27 [S] > > FA406E206AFF7873897C6864B45618C36A24FD23 <-- Old key still valid > > sub cv25519 2022-05-27 [E] > > 5AE98D09B21AFBDE62EE571EE01E05EA81B10D5C > > sub nistp384 2024-02-15 [A] > > D3DF1E315DBCB4EDF392D6ED2BE8B50768C99F00 > > sub nistp384 2024-02-15 [S] > > 0C1D891C50A732E0680F7B644675A111E50B5FA6 <-- New key > > sub nistp384 2024-02-15 [E] > > C79922EE45DEA3F58B99B4701201F4FA234EEFD8 > > > Information obtained once I changed the keyserver: > > cer@Telcontar:~> gpg --list-keys \ > 4020459E58C1A52511F5399113F703E6C11CF6F0 > pub ed25519 2022-05-27 [C] > 4020459E58C1A52511F5399113F703E6C11CF6F0 > uid [ full ] Carlos Eduardo Maiolino <carlos@xxxxxxxxxxx> > uid [ full ] Carlos Eduardo Maiolino <cem@xxxxxxxxxx> > uid [ full ] Carlos Eduardo Maiolino <cmaiolino@xxxxxxxxxx> > sub ed25519 2022-05-27 [A] > sub ed25519 2022-05-27 [S] > sub nistp384 2024-02-15 [A] > sub nistp384 2024-02-15 [S] > sub nistp384 2024-02-15 [E] > sub cv25519 2022-05-27 [E] > > > > -- > Cheers / Saludos, > > Carlos E. R. > (from 15.5 x86_64 at Telcontar) >
