Skip to content
Snippets Groups Projects

Update GPG subkey in ldap

    • Closed (moved) Issue created by Mike Perry @mikeperry

    Please update my gpg key in LDAP. It has not been updated since the subkeys expired. The new key is attached as a trac attachment.

    To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

    Child items 0

    • No child items are currently assigned. Use child items to break down this issue into smaller parts.

    Activity

    • Mike Perry added component::internal services/tor sysadmin team owner::anarcat priority::medium resolution::fixed severity::normal status::closed type::task labels

      added component::internal services/tor sysadmin team owner::anarcat priority::medium resolution::fixed severity::normal status::closed type::task labels

    • anarcat
      anarcat @anarcat ·
      Owner

      Hello mike,

      I'm confused: I have C963C21D63564E2B10BB335B29846B3C683686CC as your key in the keyring right now, and the key you provided is not signed with that key. How can I trust the public key you provide is the right one?

      I would like your new key to be signed by the old one, or by a trusted key in the keyring.

      Sorry for the trouble.

    • Mike Perry
      Mike Perry @mikeperry ·
      Author

      Oh yikes! I had used an old interim key by accident. Yikes. Uploading the updated version of C963C21D63564E2B10BB335B29846B3C683686CC with a detached signature from C963C21D63564E2B10BB335B29846B3C683686CC

      Sorry for the mixup.

    • Mike Perry
      Mike Perry @mikeperry ·
      Author

      Trac:
      gpg-detached-sig.pub

    • Mike Perry
      Mike Perry @mikeperry ·
      Author

      Updated version of Oh yikes! I had Updated subkeys of key C963C21D63564E2B10BB335B29846B3C683686CC

    • Mike Perry
      Mike Perry @mikeperry ·
      Author

      Trac:
      gpg-detached-sig.pub.asc

    • Mike Perry
      Mike Perry @mikeperry ·
      Author

      Detached sig

    • anarcat
      anarcat @anarcat ·
      Owner

      Trac:
      Status: new to assigned
      Owner: tpa to anarcat

    • anarcat
      anarcat @anarcat ·
      Owner

      that signature is still not issued from a known key.

      $ gpg --verify gpg-detached-sig.pub.asc  gpg-detached-sig.pub 
gpg: Signature made Tue May 28 00:00:47 2019 EDT
gpg:                using RSA key 660DDE645EEFF156
gpg: Can't check signature: No public key

      but it looks like you're just adding new subkeys so i think i can add this, let me just double-check.

    • anarcat
      anarcat @anarcat ·
      Owner

      committed and pushed, should propagated to all servers some time today...

      Trac:
      Resolution: N/A to fixed
      Status: assigned to closed

    • anarcat
      anarcat @anarcat ·
      Owner

      internal note: mike's key had extra stuff in our git repo, so i re-exported it with "export-minimal" in a first commit, then re-exported it with the updated subkey here. here's what the diff looks like:

      commit b55b30fe7fc298b510885b42689d08dd96c1e0d6
Author: Antoine Beaupré <anarcat@debian.org>
Date:   Tue May 28 11:58:25 2019 -0400

    re-export mikeperry's key using the correct export-minimal options
    
    This is in preparation for fixing #30648

diff --git a/mikeperry-C963C21D63564E2B10BB335B29846B3C683686CC.gpg b/mikeperry-C963C21D63564E2B10BB335B29846B3C683686CC.gpg
index 3fb0545..c5d4bf2 100644
--- a/mikeperry-C963C21D63564E2B10BB335B29846B3C683686CC.gpg
+++ b/mikeperry-C963C21D63564E2B10BB335B29846B3C683686CC.gpg
@@ -2,48 +2,9 @@ pub   rsa8192/29846B3C683686CC 2013-09-11 [SC]
       C963C21D63564E2B10BB335B29846B3C683686CC
 uid                           Mike Perry (Regular use key) <mikeperry@torproject.org>
 sig        29846B3C683686CC 2013-09-11   [selfsig]
-sig        1B0CA30CDDC6C0AD 2013-09-27   [User ID not found]
-sig        2F3E886DC0369345 2014-03-06   [User ID not found]
-sig        627DEE286B4D6475 2013-12-10   [User ID not found]
-sig        C009DB191C92A77B 2014-09-10   [User ID not found]
-sig        9768FD3CC48815F2 2014-07-04   VOISIN Julien <julien.voisin@dustri.org>
-sig        70BA0146F7164D08 2014-09-06   [User ID not found]
-sig        6192A717D09B9CAB 2014-10-16   [User ID not found]
-sig        CD974C9A394D633F 2014-11-15   [User ID not found]
-sig        98DDBB4E22CA2C83 2014-11-23   [User ID not found]
-sig        153FE398821C8394 2015-01-12   [User ID not found]
-sig        A993E7156E0E9923 2015-03-03   [User ID not found]
-sig        8E5F44BA68E689C5 2015-08-02   [User ID not found]
-sig        23451B107AA03941 2016-01-03   [User ID not found]
-sig        23275189B8E7626C 2016-02-08   [User ID not found]
 uid                           Mike Perry (Regular use key) <mikeperry@fscked.org>
-sig        C009DB191C92A77B 2014-09-10   [User ID not found]
 sig        29846B3C683686CC 2014-09-08   [selfsig]
-sig        6192A717D09B9CAB 2014-10-16   [User ID not found]
-sig        CD974C9A394D633F 2014-11-15   [User ID not found]
-sig        98DDBB4E22CA2C83 2014-11-23   [User ID not found]
-sig        153FE398821C8394 2015-01-12   [User ID not found]
-sig        A993E7156E0E9923 2015-03-03   [User ID not found]
-sig        8E5F44BA68E689C5 2015-08-02   [User ID not found]
-sig        23451B107AA03941 2016-01-03   [User ID not found]
-sig        23275189B8E7626C 2016-02-08   [User ID not found]
 uid                           Mike Perry <mikeperry@endarken.info>
 sig        29846B3C683686CC 2015-09-08   [selfsig]
-sig        23451B107AA03941 2016-01-03   [User ID not found]
-sig        23275189B8E7626C 2016-02-08   [User ID not found]
 uid                           Mike Perry <mikeperry@unencrypted.info>
 sig        29846B3C683686CC 2015-09-07   [selfsig]
-sig        23451B107AA03941 2016-01-03   [User ID not found]
-sig        23275189B8E7626C 2016-02-08   [User ID not found]
-sub   rsa4096/717F1F130E3A92E4 2013-09-11 [S] [expired: 2014-09-11]
-sig        29846B3C683686CC 2013-09-11   [keybind]
-sub   rsa4096/A3BD8153BC40FFA0 2013-09-11 [E] [expired: 2014-09-11]
-sig        29846B3C683686CC 2013-09-11   [keybind]
-sub   rsa4096/4102F895D2F1E186 2014-09-08 [S] [expired: 2015-09-08]
-sig        29846B3C683686CC 2014-09-08   [keybind]
-sub   rsa4096/6A98BF5993125AD5 2014-09-08 [E] [expired: 2015-09-08]
-sig        29846B3C683686CC 2014-09-08   [keybind]
-sub   rsa4096/E23BB32C0F129402 2015-09-07 [S] [expired: 2016-09-11]
-sig        29846B3C683686CC 2015-09-07   [keybind]
-sub   rsa4096/B0D1CB47ACC0A961 2015-09-07 [E] [expired: 2016-09-11]
-sig        29846B3C683686CC 2015-09-07   [keybind]

commit bf7e397a84e41f04e955f9dc33efad586498490d
Author: Antoine Beaupré <anarcat@debian.org>
Date:   Tue May 28 12:35:04 2019 -0400

    mikperry key renewal #30648

diff --git a/mikeperry-C963C21D63564E2B10BB335B29846B3C683686CC.gpg b/mikeperry-C963C21D63564E2B10BB335B29846B3C683686CC.gpg
index c5d4bf2..0501cbd 100644
--- a/mikeperry-C963C21D63564E2B10BB335B29846B3C683686CC.gpg
+++ b/mikeperry-C963C21D63564E2B10BB335B29846B3C683686CC.gpg
@@ -8,3 +8,7 @@ uid                           Mike Perry <mikeperry@endarken.info>
 sig        29846B3C683686CC 2015-09-08   [selfsig]
 uid                           Mike Perry <mikeperry@unencrypted.info>
 sig        29846B3C683686CC 2015-09-07   [selfsig]
+sub   rsa4096/660DDE645EEFF156 2019-01-23 [S] [expires: 2020-12-22]
+sig        29846B3C683686CC 2019-01-23   [keybind]
+sub   rsa4096/BB87D54A948287DE 2019-01-23 [E] [expires: 2020-12-22]
+sig        29846B3C683686CC 2019-01-23   [keybind]
    • Trac closed

      closed

    Please register or sign in to reply