You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
for both softhsm2 and opendnssec I am unable to find any mention of the release signing key.
In the Debian source package there is an apparent copy of the public key that in its header reports:
#
# OpenDNSSec distribution keys. The keys are published at:
# https://wiki.opendnssec.org/display/OpenDNSSEC/PGP
#
# Distribution key 2017
# Valid from 2017-01-11 and expires 2024-08-01
But I've been unable to find the public key published securely by opendnssec.
I also found the existing key expired once before in November 2022, the Debian package maintainer reported it [0] and although there was no reply to that mailing-list report the expiry date of the key was apparently extended.
$ gpg ./opendnssec-2.1.13/debian/upstream/signing-key.asc
gpg: WARNING: no command supplied. Trying to guess what you mean ...
pub rsa4096 2017-01-11 [SC] [expires: 2024-08-01]
4D0388CE86BB398B387B663041F623BE4FCB0B94
uid OpenDNSSEC Distribution Key 2017 <[email protected]>
In attempting to verify the source package signatures at
https://dist.opendnssec.org/source/
for both softhsm2 and opendnssec I am unable to find any mention of the release signing key.
In the Debian source package there is an apparent copy of the public key that in its header reports:
But I've been unable to find the public key published securely by opendnssec.
I also found the existing key expired once before in November 2022, the Debian package maintainer reported it [0] and although there was no reply to that mailing-list report the expiry date of the key was apparently extended.
[0] https://lists.opendnssec.org/pipermail/opendnssec-user/2022-November/004716.html
The text was updated successfully, but these errors were encountered: