refresh upstream signing keys

Daniel Kahn Gillmor requested to merge update-signing-key into master

This refreshes the upstream signing keys to their current preferred forms, without changing any of the specific primary keys.

The substantive updates are:

  • packets all use "new" OpenPGP format (introduced 20 years ago)
  • revoking old hushmail User ID for Nikos
  • updating the expiration dates of most certificates
  • replacing signatures that used SHA1 with SHA256 or SHA512
  • new subkey for Tim
  • remove Alexander's User Attribute image

Concretely, the changes here are (via "sq toolbox packet dump"):

--- before/signing-key.asc
+++ after/signing-key.asc
@@ -1,4 +1,4 @@
-Public-Key Packet, old CTB, 401 bytes
+Public-Key Packet, new CTB, 401 bytes
     Version: 4
     Creation time: 2008-05-04 16:35:00 UTC
     Pk algo: RSA
@@ -6,14 +6,14 @@
     Fingerprint: 1F42418905D8206AA754CCDC29EE58B996865171
     KeyID: 29EE58B996865171

-User ID Packet, old CTB, 41 bytes
-    Value: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+User ID Packet, new CTB, 55 bytes
+    Value: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>

-Signature Packet, old CTB, 451 bytes
+Signature Packet, new CTB, 474 bytes
     Version: 4
     Type: PositiveCertification
     Pk algo: RSA
-    Hash algo: SHA1
+    Hash algo: SHA512
     Hashed area:
       Key flags: CS
       Key expiration time: 19years 11months 25days 9h 50m 24s
@@ -22,23 +22,23 @@
       Compression preferences: Zlib, BZip2, Zip
       Features: SEIPDv1
       Keyserver preferences: no modify
-      Signature creation time: 2008-09-15 18:57:11 UTC
+      Issuer Fingerprint: 1F42418905D8206AA754CCDC29EE58B996865171
+      Signature creation time: 2021-02-13 15:06:51 UTC
       Primary User ID: true
     Unhashed area:
       Issuer: 29EE58B996865171
-    Digest prefix: F922
+    Digest prefix: EFEC
     Level: 0 (signature over data)

-User ID Packet, old CTB, 55 bytes
-    Value: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
+User ID Packet, new CTB, 41 bytes
+    Value: Nikos Mavrogiannopoulos <nmav@gnutls.org>

-Signature Packet, old CTB, 448 bytes
+Signature Packet, new CTB, 471 bytes
     Version: 4
     Type: PositiveCertification
     Pk algo: RSA
-    Hash algo: SHA1
+    Hash algo: SHA512
     Hashed area:
-      Signature creation time: 2008-05-04 16:39:49 UTC
       Key flags: CS
       Key expiration time: 19years 11months 25days 9h 50m 24s
       Symmetric algo preferences: AES256, AES192, AES128, CAST5, TripleDES
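Review bot: the "Primary User ID: true" subpacket in the first signature of this hunk now belongs to the certification of n.mavrogiannopoulos@gmail.com, whereas on the before side it sat on the certification of nmav@gnutls.org, and the two User ID packets have swapped order. The description's list of substantive updates does not mention a change of primary User ID, so please add a line for it or confirm it is what upstream currently publishes. The sizes of the two refreshed certifications (474 vs 471 bytes) are consistent with only the first one carrying the flag.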
@@ -46,34 +46,31 @@
       Compression preferences: Zlib, BZip2, Zip
       Features: SEIPDv1
       Keyserver preferences: no modify
+      Issuer Fingerprint: 1F42418905D8206AA754CCDC29EE58B996865171
+      Signature creation time: 2021-02-13 15:06:51 UTC
     Unhashed area:
       Issuer: 29EE58B996865171
-    Digest prefix: 0BE3
+    Digest prefix: 790E
     Level: 0 (signature over data)

-User ID Packet, old CTB, 43 bytes
+User ID Packet, new CTB, 43 bytes
     Value: Nikos Mavrogiannopoulos <nmav@hushmail.com>

-Signature Packet, old CTB, 450 bytes
+Signature Packet, new CTB, 457 bytes
     Version: 4
-    Type: PositiveCertification
+    Type: CertificationRevocation
     Pk algo: RSA
-    Hash algo: SHA1
+    Hash algo: SHA512
     Hashed area:
-      Signature creation time: 2013-02-25 21:14:06 UTC
-      Key flags: CS
-      Key expiration time: 19years 11months 25days 9h 50m 24s
-      Symmetric algo preferences: AES256, AES192, AES128, CAST5, TripleDES
-      Hash preferences: SHA256, SHA1, SHA384, SHA512, SHA224
-      Compression preferences: Zlib, BZip2, Zip
-      Features: SEIPDv1
-      Keyserver preferences: no modify
+      Issuer Fingerprint: 1F42418905D8206AA754CCDC29EE58B996865171
+      Signature creation time: 2021-02-13 15:06:11 UTC
+      Reason for revocation: User ID information is no longer valid, No longer used.
     Unhashed area:
       Issuer: 29EE58B996865171
-    Digest prefix: 8248
+    Digest prefix: B7EB
     Level: 0 (signature over data)

-Public-Subkey Packet, old CTB, 269 bytes
+Public-Subkey Packet, new CTB, 269 bytes
     Version: 4
     Creation time: 2018-02-06 05:45:13 UTC
     Pk algo: RSA
@@ -81,7 +78,7 @@
     Fingerprint: 59FBB55CA7F3A8AB0C503773D81C4887F1679A65
     KeyID: D81C4887F1679A65

-Signature Packet, old CTB, 758 bytes
+Signature Packet, new CTB, 758 bytes
     Version: 4
     Type: SubkeyBinding
     Pk algo: RSA
@@ -110,7 +107,7 @@
     Digest prefix: D815
     Level: 0 (signature over data)

-Public-Subkey Packet, old CTB, 269 bytes
+Public-Subkey Packet, new CTB, 269 bytes
     Version: 4
     Creation time: 2018-02-06 05:45:46 UTC
     Pk algo: RSA
@@ -118,7 +115,7 @@
     Fingerprint: 1F9ABA5E96A1227366ED49A19B4A51263E13AF91
     KeyID: 9B4A51263E13AF91

-Signature Packet, old CTB, 448 bytes
+Signature Packet, new CTB, 448 bytes
     Version: 4
     Type: SubkeyBinding
     Pk algo: RSA
@@ -133,7 +130,7 @@
     Digest prefix: 45E7
     Level: 0 (signature over data)

-Public-Key Packet, old CTB, 525 bytes
+Public-Key Packet, new CTB, 525 bytes
     Version: 4
     Creation time: 2009-07-23 04:59:26 UTC
     Pk algo: RSA
@@ -141,10 +138,10 @@
     Fingerprint: 462225C3B46F34879FC8496CD605848ED7E69871
     KeyID: D605848ED7E69871

-User ID Packet, old CTB, 25 bytes
+User ID Packet, new CTB, 25 bytes
     Value: Daiki Ueno <ueno@gnu.org>

-Signature Packet, old CTB, 597 bytes
+Signature Packet, new CTB, 597 bytes
     Version: 4
     Type: PositiveCertification
     Pk algo: RSA
@@ -164,14 +161,14 @@
     Digest prefix: 0335
     Level: 0 (signature over data)

-User ID Packet, old CTB, 30 bytes
+User ID Packet, new CTB, 30 bytes
     Value: Daiki Ueno <ueno@unixuser.org>

-Signature Packet, old CTB, 596 bytes
+Signature Packet, new CTB, 596 bytes
     Version: 4
     Type: PositiveCertification
     Pk algo: RSA
-    Hash algo: SHA1
+    Hash algo: SHA256
     Hashed area:
       Key flags: CS
       Features: SEIPDv1
@@ -180,14 +177,14 @@
       Hash preferences: SHA512, SHA384, SHA256, SHA224
       Compression preferences: Zlib, BZip2, Zip, Uncompressed
       Issuer Fingerprint: 462225C3B46F34879FC8496CD605848ED7E69871
-      Signature creation time: 2018-09-26 05:35:55 UTC
-      Key expiration time: 14years 2months 2days 15h 29m 17s
+      Signature creation time: 2023-06-30 08:24:20 UTC
+      Key expiration time: 16years 11months 6days 7h 15m 18s
     Unhashed area:
       Issuer: D605848ED7E69871
-    Digest prefix: EEA6
+    Digest prefix: 51AD
     Level: 0 (signature over data)

-Public-Subkey Packet, old CTB, 525 bytes
+Public-Subkey Packet, new CTB, 525 bytes
     Version: 4
     Creation time: 2010-02-04 22:52:44 UTC
     Pk algo: RSA
@@ -195,20 +192,23 @@
     Fingerprint: 2567E23B4A79AD4DC685099850AD4600C8C530D6
     KeyID: 50AD4600C8C530D6

-Signature Packet, old CTB, 543 bytes
+Signature Packet, new CTB, 638 bytes
     Version: 4
     Type: SubkeyBinding
     Pk algo: RSA
-    Hash algo: SHA1
+    Hash algo: SHA256
     Hashed area:
-      Signature creation time: 2010-02-04 22:52:44 UTC
-      Key flags: EtEr
-    Unhashed area:
+      Signature creation time: 2023-07-03 11:38:10 UTC (critical)
       Issuer: D605848ED7E69871
-    Digest prefix: 30AC
+      Notation: salt@notations.sequoia-pgp.org
+        00000000  99 81 91 ac 52 3b 91 ba  cb e1 8c c1 3a bf 44 b2
+        00000010  64 24 c1 64 77 3d bd 0e  62 ee a5 79 38 f6 6d 2e
+      Key flags: EtEr
+      Issuer Fingerprint: 462225C3B46F34879FC8496CD605848ED7E69871
+    Digest prefix: ECB2
     Level: 0 (signature over data)

-Public-Key Packet, old CTB, 525 bytes
+Public-Key Packet, new CTB, 525 bytes
     Version: 4
     Creation time: 2014-06-26 12:35:28 UTC
     Pk algo: RSA
@@ -216,10 +216,10 @@
     Fingerprint: 1CB27DBC98614B2D5841646D08302DB6A2670428
     KeyID: 08302DB6A2670428

-User ID Packet, old CTB, 32 bytes
+User ID Packet, new CTB, 32 bytes
     Value: Tim Rühsen <tim.ruehsen@gmx.de>

-Signature Packet, old CTB, 596 bytes
+Signature Packet, new CTB, 590 bytes
     Version: 4
     Type: PositiveCertification
     Pk algo: RSA
@@ -232,14 +232,35 @@
       Features: SEIPDv1
       Keyserver preferences: no modify
       Issuer Fingerprint: 1CB27DBC98614B2D5841646D08302DB6A2670428
-      Signature creation time: 2019-02-27 18:53:27 UTC
-      Key expiration time: 6years 8months 2days 5h 49m 11s
+      Signature creation time: 2021-03-07 17:45:33 UTC
+    Unhashed area:
+      Issuer: 08302DB6A2670428
+    Digest prefix: D674
+    Level: 0 (signature over data)
+
+Public-Subkey Packet, new CTB, 525 bytes
+    Version: 4
+    Creation time: 2014-06-26 12:35:28 UTC
+    Pk algo: RSA
+    Pk size: 4096 bits
+    Fingerprint: B9B146F2AD45FF7E2CAE90CC5883EEF90A4FC1CF
+    KeyID: 5883EEF90A4FC1CF
+
+Signature Packet, new CTB, 566 bytes
+    Version: 4
+    Type: SubkeyBinding
+    Pk algo: RSA
+    Hash algo: SHA512
+    Hashed area:
+      Key flags: EtEr
+      Issuer Fingerprint: 1CB27DBC98614B2D5841646D08302DB6A2670428
+      Signature creation time: 2021-03-07 17:45:49 UTC
     Unhashed area:
       Issuer: 08302DB6A2670428
-    Digest prefix: E83A
+    Digest prefix: 776A
     Level: 0 (signature over data)

-Public-Key Packet, old CTB, 51 bytes
+Public-Key Packet, new CTB, 51 bytes
     Version: 4
     Creation time: 2021-12-23 11:16:51 UTC
     Pk algo: EdDSA
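Review bot: the refreshed certification for Tim's User ID drops "Key expiration time: 6years 8months 2days 5h 49m 11s" and nothing replaces it in the visible hashed area, so this certificate appears to go from expiring to non-expiring rather than having its expiration updated. If that is intended, the description's "updating the expiration dates of most certificates" should say so explicitly. Separately, the added subkey 5883EEF90A4FC1CF shows "Creation time: 2014-06-26 12:35:28 UTC", identical to the primary key's creation time, with a binding signature dated 2021-03-07; since the description calls it a "new subkey", a short remark on that would help reviewers.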
@@ -247,31 +268,31 @@
     Fingerprint: 5D46CB0F763405A7053556F47A75A648B3F9220C
     KeyID: 7A75A648B3F9220C

-User ID Packet, old CTB, 37 bytes
+User ID Packet, new CTB, 37 bytes
     Value: Zoltan Fridrich <zfridric@redhat.com>

-Signature Packet, old CTB, 154 bytes
+Signature Packet, new CTB, 154 bytes
     Version: 4
     Type: PositiveCertification
     Pk algo: EdDSA
     Hash algo: SHA512
     Hashed area:
-      Issuer Fingerprint: 5D46CB0F763405A7053556F47A75A648B3F9220C
-      Signature creation time: 2021-12-23 11:16:51 UTC
       Key flags: CS
-      Key expiration time: 1year 11months 29days 21h 50m 24s
       Symmetric algo preferences: AES256, AES192, AES128, TripleDES
       AEAD preferences: OCB, EAX
       Hash preferences: SHA512, SHA384, SHA256, SHA224, SHA1
       Compression preferences: Zlib, BZip2, Zip
       Features: SEIPDv1, AEAD, #2
       Keyserver preferences: no modify
+      Issuer Fingerprint: 5D46CB0F763405A7053556F47A75A648B3F9220C
+      Signature creation time: 2024-01-02 13:17:23 UTC
+      Key expiration time: 5years 8days 20h 32s
     Unhashed area:
       Issuer: 7A75A648B3F9220C
-    Digest prefix: 69D8
+    Digest prefix: 1AB4
     Level: 0 (signature over data)

-Public-Subkey Packet, old CTB, 56 bytes
+Public-Subkey Packet, new CTB, 56 bytes
     Version: 4
     Creation time: 2021-12-23 11:16:51 UTC
     Pk algo: ECDH
@@ -279,22 +300,22 @@
     Fingerprint: DF7B507669E926A2A1F09BBB46CFDAE328F33704
     KeyID: 46CFDAE328F33704

-Signature Packet, old CTB, 126 bytes
+Signature Packet, new CTB, 126 bytes
     Version: 4
     Type: SubkeyBinding
     Pk algo: EdDSA
     Hash algo: SHA512
     Hashed area:
-      Issuer Fingerprint: 5D46CB0F763405A7053556F47A75A648B3F9220C
-      Signature creation time: 2021-12-23 11:16:51 UTC
       Key flags: EtEr
-      Key expiration time: 1year 11months 29days 21h 50m 24s
+      Issuer Fingerprint: 5D46CB0F763405A7053556F47A75A648B3F9220C
+      Signature creation time: 2024-01-02 13:13:03 UTC
+      Key expiration time: 5years 8days 19h 56m 12s
     Unhashed area:
       Issuer: 7A75A648B3F9220C
-    Digest prefix: CFC4
+    Digest prefix: 2B5D
     Level: 0 (signature over data)

-Public-Key Packet, old CTB, 525 bytes
+Public-Key Packet, new CTB, 525 bytes
     Version: 4
     Creation time: 2016-09-27 09:06:31 UTC
     Pk algo: RSA
@@ -302,10 +323,10 @@
     Fingerprint: E987AB7F7E89667776D05B3BB0E9DD20B29F1432
     KeyID: B0E9DD20B29F1432

-User ID Packet, old CTB, 39 bytes
+User ID Packet, new CTB, 39 bytes
     Value: Alexander Sosedkin <monk@unboiled.info>

-Signature Packet, old CTB, 567 bytes
+Signature Packet, new CTB, 590 bytes
     Version: 4
     Type: PositiveCertification
     Pk algo: RSA
@@ -320,31 +341,33 @@
       Compression preferences: Zlib, BZip2, Zip, Uncompressed
     Unhashed area:
       Issuer: B0E9DD20B29F1432
+      Issuer Fingerprint: E987AB7F7E89667776D05B3BB0E9DD20B29F1432
     Digest prefix: 7E50
     Level: 0 (signature over data)

-User Attribute Packet, new CTB, 1003 bytes
-      JPEG: 984 bytes
+Public-Subkey Packet, new CTB, 525 bytes
+    Version: 4
+    Creation time: 2021-08-21 03:09:23 UTC
+    Pk algo: RSA
+    Pk size: 4096 bits
+    Fingerprint: 56FAF07285D50A13A260DBC030FAA8E177B849C4
+    KeyID: 30FAA8E177B849C4

-Signature Packet, old CTB, 567 bytes
+Signature Packet, new CTB, 566 bytes
     Version: 4
-    Type: PositiveCertification
+    Type: SubkeyBinding
     Pk algo: RSA
     Hash algo: SHA256
     Hashed area:
-      Key flags: CS
-      Features: SEIPDv1
-      Keyserver preferences: no modify
-      Signature creation time: 2016-09-27 09:10:12 UTC
-      Symmetric algo preferences: AES256, AES192, AES128, CAST5
-      Hash preferences: SHA512, SHA384, SHA256, SHA224
-      Compression preferences: Zlib, BZip2, Zip, Uncompressed
+      Issuer Fingerprint: E987AB7F7E89667776D05B3BB0E9DD20B29F1432
+      Signature creation time: 2021-08-21 03:09:23 UTC
+      Key flags: A
     Unhashed area:
       Issuer: B0E9DD20B29F1432
-    Digest prefix: 2945
+    Digest prefix: 829B
     Level: 0 (signature over data)

-Public-Subkey Packet, old CTB, 525 bytes
+Public-Subkey Packet, new CTB, 525 bytes
     Version: 4
     Creation time: 2016-09-27 09:10:17 UTC
     Pk algo: RSA
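Review bot: the "Issuer Fingerprint" line added at the top of this hunk sits under "Unhashed area:" and the digest prefix stays 7E50, so the existing signature was not reissued and the new subpacket is not covered by it. That is fine as a lookup hint, but the description should mention that some existing signatures only gained unhashed Issuer Fingerprint subpackets, since that explains size changes such as 567 to 590 bytes without any change to the signed content. The rest of the hunk removes the User Attribute packet together with its certification and moves the authentication subkey 30FAA8E177B849C4 (digest prefix 829B, same as the block removed in the last hunk) ahead of the other subkeys; noting in the description that this is a reordering and not a new subkey would make the diff easier to audit.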
@@ -352,7 +375,7 @@
     Fingerprint: A6AB53A01D237A94F9EEC4D0412748A40AFCC2FB
     KeyID: 412748A40AFCC2FB

-Signature Packet, old CTB, 1086 bytes
+Signature Packet, new CTB, 1109 bytes
     Version: 4
     Type: SubkeyBinding
     Pk algo: RSA
@@ -375,10 +398,11 @@
           Digest prefix: 07FE
           Level: 0 (signature over data)

+      Issuer Fingerprint: E987AB7F7E89667776D05B3BB0E9DD20B29F1432
     Digest prefix: 99E4
     Level: 0 (signature over data)

-Public-Subkey Packet, old CTB, 525 bytes
+Public-Subkey Packet, new CTB, 525 bytes
     Version: 4
     Creation time: 2016-09-27 09:06:31 UTC
     Pk algo: RSA
@@ -386,7 +410,7 @@
     Fingerprint: D7662EFEBD18ED4A3E32340E0F54271812103B95
     KeyID: 0F54271812103B95

-Signature Packet, old CTB, 543 bytes
+Signature Packet, new CTB, 566 bytes
     Version: 4
     Type: SubkeyBinding
     Pk algo: RSA
@@ -396,28 +420,7 @@
       Key flags: EtEr
     Unhashed area:
       Issuer: B0E9DD20B29F1432
-    Digest prefix: D1E5
-    Level: 0 (signature over data)
-
-Public-Subkey Packet, old CTB, 525 bytes
-    Version: 4
-    Creation time: 2021-08-21 03:09:23 UTC
-    Pk algo: RSA
-    Pk size: 4096 bits
-    Fingerprint: 56FAF07285D50A13A260DBC030FAA8E177B849C4
-    KeyID: 30FAA8E177B849C4
-
-Signature Packet, old CTB, 566 bytes
-    Version: 4
-    Type: SubkeyBinding
-    Pk algo: RSA
-    Hash algo: SHA256
-    Hashed area:
       Issuer Fingerprint: E987AB7F7E89667776D05B3BB0E9DD20B29F1432
-      Signature creation time: 2021-08-21 03:09:23 UTC
-      Key flags: A
-    Unhashed area:
-      Issuer: B0E9DD20B29F1432
-    Digest prefix: 829B
+    Digest prefix: D1E5
     Level: 0 (signature over data)
Edited by Daniel Kahn Gillmor
