Hi everyone,
Privatebin's GPG signing key change with every release, can you please use the same key in your release model ? Every time, I have to change my automatic dockerfile update process, this is a little bit annoying :p
1.1.1 used RSA key 05D40A636AFAB34D, 1.2 used RSA key 0C78CF39B20D890B and now 1.2.1 use an unknow key E11B7950E9E183DB which is not listed on your credit page and neither in a public OpenPGP keyserver like keys.gnupg.net or pgp.mit.edu.
Can you give me the corresponding ASCII-armored PGP public key ?
I found it.
https://privatebin.info/key/release.asc
pub rsa4096/0xE11B7950E9E183DB 2018-08-07 [SC]
Key fingerprint = 28CA 7C96 4938 EA5C 1481 D42A E11B 7950 E9E1 83DB
uid [ unknown] PrivateBin release (solely used for signing releases)
I guess this key is definitive given its description.
Yes, we recently switched keys for that and now use a dedicated one for release signing.
Great, thank you.
Oh, as we have got this question again, I looked into this and we actually totally forgot to link to this new key anywhere or make users aware that this new key is now used.
I've created https://github.com/PrivateBin/privatebin.info-pelican/issues/19 for tracking this.