thgtoa/KEY_ROTATION.md
2022-11-13 03:34:50 -05:00

1.1 KiB

PGP/GPG key ID 7DFFD7471FB76E2A8ABBBCDDD769B3749E933B8A is no longer active PGP/GPG key ID 42FF35DB9DE7C088AB0FD4A70C216A52F6DF4920 is no longer active

This project now uses separate master, release signing, and email keys.

Current master key fingerprint: 9EA98278639F1CD853E096CBFF94507587A6A9B9 Current release key fingerprint: 83A6CF9EF57AC25B5C7F5D29285E6048A12321B2 Current email key fingerprint: B6D1757632A280F99F2DCBFDB9AB9D93AFF05B9C

The email and release keys should be signed by the master key. The master key takes precedence over all other project keys.

Minisign key

untrusted comment: minisign public key 902835EC74825934
RWQ0WYJ07DUokK8V/6LNJ9bf/O/QM9k4FSlDmzgEeXm7lEpw3ecYjXDM

is no longer active

Use

untrusted comment: minisign public key FE6A09A3AF18F7A7
RWSn9xivowlq/ihAzclDBxhCxbYz4bLkC8E645lHgSUlQNlDvoTxO5Fv

instead

Files signed using this key pair can be verified with the following command:

minisign -Vm <file> -P RWSn9xivowlq/ihAzclDBxhCxbYz4bLkC8E645lHgSUlQNlDvoTxO5Fv