The announcements below are a good way to announce PGP key ids, but I wonder if we could do better by also including an attachment with the complete public key content? In case future SHA1-as-used-in-PGP breaks further, doing so would mitigate a scenario where there are two different keys that lead to the same SHA1 identifier, and someone is trying to get that into the Debian keyring. /Simon Debian FTP Masters <ftpmaster@ftp-master.debian.org> writes: > The following changes to the debian-maintainers keyring have just been > activated: > > andrew@bower.org.uk > Full name: Andrew Bower > Added key: 06AB786E936C6C73F6D8130C4510339430FC9F34 > > > fabstz-it@yahoo.fr > Removed key: E2121643BD9CC10D2B0965CE680F16F62E6306F6 > Added key: 8015B9DA9FE2424821BD2581927502987D57C54B > > > krekhov.dev@gmail.com > Full name: Kirill Rekhov > Added key: 2640769DFDA1AAA0F863D1AE5F2C5905519CE0A0 > > Debian distribution maintenance software, > on behalf of the Keyring maintainers > >
Attachment:
signature.asc
Description: PGP signature