Privatebin: GPG signing process

Created on 15 Aug 2018  路  4Comments  路  Source: PrivateBin/PrivateBin

Hi everyone,

Privatebin's GPG signing key change with every release, can you please use the same key in your release model ? Every time, I have to change my automatic dockerfile update process, this is a little bit annoying :p

1.1.1 used RSA key 05D40A636AFAB34D, 1.2 used RSA key 0C78CF39B20D890B and now 1.2.1 use an unknow key E11B7950E9E183DB which is not listed on your credit page and neither in a public OpenPGP keyserver like keys.gnupg.net or pgp.mit.edu.

Can you give me the corresponding ASCII-armored PGP public key ?

question securitprivacy

All 4 comments

I found it.

https://privatebin.info/key/release.asc

pub   rsa4096/0xE11B7950E9E183DB 2018-08-07 [SC]
      Key fingerprint = 28CA 7C96 4938 EA5C 1481  D42A E11B 7950 E9E1 83DB
uid                   [ unknown] PrivateBin release (solely used for signing releases)

I guess this key is definitive given its description.

Yes, we recently switched keys for that and now use a dedicated one for release signing.

Great, thank you.

Oh, as we have got this question again, I looked into this and we actually totally forgot to link to this new key anywhere or make users aware that this new key is now used.

I've created https://github.com/PrivateBin/privatebin.info-pelican/issues/19 for tracking this.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

chatq picture chatq  路  7Comments

ZerooCool picture ZerooCool  路  3Comments

aryasenna picture aryasenna  路  7Comments

jeyca picture jeyca  路  4Comments

koehn picture koehn  路  5Comments