Re: PGP key to use to contact the Security Team

To: Simon Valiquette <v.simon@ieee.org>
Cc: debian-security@lists.debian.org
Subject: Re: PGP key to use to contact the Security Team
From: Kurt Roeckx <kurt@roeckx.be>
Date: Mon, 29 Dec 2008 15:50:48 +0100
Message-id: <[🔎] 20081229145048.GA5997@roeckx.be>
In-reply-to: <[🔎] 4958C36F.2050300@ieee.org>
References: <[🔎] 4958C36F.2050300@ieee.org>

On Mon, Dec 29, 2008 at 07:32:47AM -0500, Simon Valiquette wrote:
> 
>   So here are my questions:
> 
> 1. Do both keys are still valid?
> 
> 2. If the key F2E861A3 is legitimate (which I think it is because
> I have a trust path to it), wouldn't it makes sense to sign it with
> the old key as well? Or alternatively by 3 members of the security
> team instead of just one?
> 
> 3. The key F2E861A3 claims to have been created on 2007-07-29 and is
> set to expire on 2009-02-18.  So could someone clarify what will
> happens after it expire in six weeks?  Will it be replaced by a new
> key, or will the expiration date simply be changed?
> 
> 3. If the old key 363CCD95 is not used anymore, is there any reasons
> for not revoking it?

4. Why is 363CCD95 on keyring.debian.org but F2E861A3 isn't?

5. Why is neither key documented in the developers reference?  Or
   atleast a refence to that such a key exists.


Kurt

Reply to:

References:
- PGP key to use to contact the Security Team
  - From: Simon Valiquette <v.simon@ieee.org>

Prev by Date: PGP key to use to contact the Security Team
Next by Date: felicitation!!!
Previous by thread: PGP key to use to contact the Security Team
Next by thread: felicitation!!!
Index(es):
- Date
- Thread