Signing update -- license^W key revoked

Bill Ricker bill.n1vux at gmail.com
Thu Sep 20 13:37:49 EDT 2018


tl;dr -- don't bother trying to sign mine !

I was informed my  key 4096 RSA 41936952 (090F 3675 F519 C3D3 A5D8  E763
9CD4 CB6D 4193 6952)
shows as REVOKED on the keyserver.
(Our sign-up PHP should filter out revoked and expired keys !!?)

Oddly, i was able to push change of expiration date anyway ... but if i
pull it back, i now see it revoked too.
Interesting.  I don't recall doing that ...  and I got a Bot reminder it
was expiring last week!
Did i do it by accident, trying to follow a best-practice cookbook to make
an emergency revoke cert and instead sending one?
IDK.
I didn't think i was affected by the Debian weak primes but maybe that key
was, and the gray-hats popped it for safety.

Well, at least it's reassurance that Revoked keys actually will not be
used, if one checks them often !

> pub   rsa4096/41936952 2013-09-18 [SC] [expires: 2019-09-17]
>       Key fingerprint = 090F 3675 F519 C3D3 A5D8  E763 9CD4 CB6D 4193 6952
> uid         [ultimate] William Ricker (Boston) <bill.n1vux at gmail.com>
> uid         [ultimate] William Ricker (Boston) <n1vux at arrl.net>
> sub   rsa4096/938DF10B 2013-09-18 [E] [expires: 2019-09-17]
>
> pub   rsa4096/41936952 2014-06-16 [SCEA] [revoked: 2016-08-16]
>       Key fingerprint = BFE3 CE1E 3A50 F8ED 96C8  537D D27E 035F 4193 6952
> uid         [ revoked] William Ricker (Boston) <n1vux at arrl.net>
>


-- 
Bill Ricker
bill.n1vux at gmail.com
https://www.linkedin.com/in/n1vux
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/pipermail/gnhlug-discuss/attachments/20180920/7e541986/attachment.html 


More information about the gnhlug-discuss mailing list