From owner-freebsd-doc@freebsd.org Fri Dec 30 16:23:54 2016 Return-Path: Delivered-To: freebsd-doc@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ED9D7C97C02 for ; Fri, 30 Dec 2016 16:23:54 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CA3F91CCD; Fri, 30 Dec 2016 16:23:54 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from FreeBSD.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by freefall.freebsd.org (Postfix) with ESMTPS id BFFE95CFA; Fri, 30 Dec 2016 16:23:53 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Date: Fri, 30 Dec 2016 16:23:50 +0000 From: Glen Barber To: Felix Friedlander Cc: freebsd-doc@freebsd.org Subject: Re: Signing key for release checksums? Message-ID: <20161230162350.GN1488@FreeBSD.org> References: <0BC2945D-0C33-4027-B163-5B6C47CE5C22@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="U+NfgObvpQT1Q9Yq" Content-Disposition: inline In-Reply-To: <0BC2945D-0C33-4027-B163-5B6C47CE5C22@gmail.com> X-Operating-System: FreeBSD 11.0-STABLE amd64 X-SCUD-Definition: Sudden Completely Unexpected Dataloss X-SULE-Definition: Sudden Unexpected Learning Event X-PEKBAC-Definition: Problem Exists, Keyboard Between Admin/Computer X-Spidey-Sense: Uh oh, Peter logged in User-Agent: Mutt/1.7.1 (2016-10-04) X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Dec 2016 16:23:55 -0000 --U+NfgObvpQT1Q9Yq Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Dec 30, 2016 at 06:13:25PM +1100, Felix Friedlander wrote: > Hi, >=20 > In response to a request on freebsd-questions@, I was wondering > if it would be possible, on the release signatures pages (example: > https://www.freebsd.org/releases/11.0R/signatures.html) to include > a link to the key used to create these signatures? >=20 > Also thought I might add that these checksums can be a little > hard to find (as demonstrated!) for someone new to the project, but > that=E2=80=99s not really my point. >=20 The problem here is that it depends on *who* announced the release. This is a topic that has come up several times over the past few months, though not necessarily in this context exactly. But this is good feedback, and another situation that was not yet considered. Glen --U+NfgObvpQT1Q9Yq Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYZooQAAoJEAMUWKVHj+KTTr4P/ijHgH2M42w3/VKOe6K3xr36 icCzV6gJmPBAxp9uqyALoS9vTjck75cbVRoFu8lY4i2qjI83OvzDRCtF74ieOh6z UrP+umUm+znsZfOCmsAdYsVFDV4gfx65QhlSkX//l+3neEVyK+7kCAOTcuSer52V JNPWlo/Qa8y8RCnJZLzL548/2q04Zifm5uSkSA6TfJFDLaJTD82HbQhpV58l5Yh8 gHIuTFUMTABfP0JK0X3sfmQskTQW4RaBYqkzA47bqbjVgATOQvTFsooJGsXkzB/h ivu52IXprmL2deH7af9hAeFjGj8c1MbRWAuPYKeto6B32zqIX1bLQ4t/IOZrkyqR RR11smWyavo62dgp7PrelRkP17m4gK40JHH4H+b+je9uLWRauQwpC9CNFTzrSiNu sV/gf2EzwEQa8Vsm9W0A3/mXNe+oSH/WeUHJposedz6BDzvSGBdZhr+jjL1/Bm7L SvXhi+bhwA/MQ2vm5evl5fdTtjj25dztuZXAXr+4Zepm8CuqnxjeQyS7EQ5xcukS V8BPPMOsnH9p2RyIPJGdiHJsR6BscIwNCoMkUnVVBiqQk4Azefc2A85O8kxnoEjV okjOI6nyDsiGyZxm+fGJ/kyfLgUwETPVJKrZORUwgdzPih4s7Ew7hnpkKX1dEsLx m0C2AscOujBfDRWFhXas =vbrv -----END PGP SIGNATURE----- --U+NfgObvpQT1Q9Yq--