#22957 closed task (fixed)

Please update my key on db.tpo

Reported by: hellais Owned by: tpa
Priority: Medium Milestone:
Component: Internal Services/Tor Sysadmin Team Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Hi,

I would like to have my PGP key updated on db.tpo. The one that is currently stored there is expired/revoked.

This is my new key:

% gpg --fingerprint 67EF3966509986E96ACEE84E5D67CD18702287F4
pub   dsa3072/5D67CD18702287F4 2015-10-19 [SC] [expires: 2018-05-06]
      Key fingerprint = 67EF 3966 5099 86E9 6ACE  E84E 5D67 CD18 7022 87F4
uid                 [ultimate] Arturo Filastò <arturo@filasto.net>
uid                 [ultimate] Arturo Filastò <art@fuffa.org>
uid                 [ultimate] Arturo Filastò <art@torproject.org>
uid                 [ultimate] Arturo Filastò <arturo@openobservatory.org>
sub   elg2752/5D8D319EC58FC4EE 2015-10-19 [E] [expires: 2018-05-06]

Child Tickets

Change History (13)

comment:1 Changed 13 months ago by weasel

Resolution: invalid
Status: newclosed

This key has no signatures, and this request isn't signed (nor are there any unrevoked keys that could sign it, AIUI.)

You'll need to get your key properly signed first.

comment:2 in reply to:  1 Changed 13 months ago by hellais

Replying to weasel:

This key has no signatures, and this request isn't signed (nor are there any unrevoked keys that could sign it, AIUI.)

Who must I get it signed by?

Can I use some other form of verification to validate I am the real owner of this key?

You'll need to get your key properly signed first.

Maybe you can leave this ticket open, while I obtain the requirements to satisfying this ticket?

comment:3 Changed 13 months ago by weasel

Ideally, two or more keys already in the deb.tpo keyring would have signed your key.

comment:4 Changed 13 months ago by hellais

Ideally, two or more keys already in the deb.tpo keyring would have signed your key.

Is there a place where I can get the list of such keys?

comment:5 Changed 13 months ago by weasel

db.torproject.org lists keys if you search for users. Getting sigs from people @torproject.org should not be too hard I hope.

Generally, I need a reasonable trust path to that key.

comment:6 Changed 13 months ago by weasel

Resolution: invalid
Status: closedreopened

comment:7 Changed 13 months ago by weasel

Status: reopenedneeds_information

comment:8 Changed 13 months ago by hellais

Here is photographic evidence that this is in fact my new PGP key: https://twitter.com/hellais/status/887320708266819589.

comment:9 Changed 13 months ago by atagar

Looks Photoshopped.

Sorry, couldn't help it. Thanks though, picture made me laugh this morning. ;P

comment:10 Changed 13 months ago by arma

Ok, I signed Arturo's new key (and uploaded the sig to the keyservers).

comment:11 Changed 13 months ago by weasel

I don't see those sigs yet.

comment:12 in reply to:  11 Changed 13 months ago by hellais

Replying to weasel:

I don't see those sigs yet.

pgp.mit.edu has them: http://pgp.mit.edu/pks/lookup?op=vindex&search=0x5D67CD18702287F4

comment:13 Changed 13 months ago by weasel

Resolution: fixed
Status: needs_informationclosed
Note: See TracTickets for help on using tickets.