-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: update pasta gpg key to reflect new subkeys #6290
base: develop
Are you sure you want to change the base?
chore: update pasta gpg key to reflect new subkeys #6290
Conversation
keys do not match https://keybase.io/pasta/pgp_keys.asc?fingerprint=29590362EC878A81FD3C202B52527BEDABE87984 🤷♂️ |
Imported via keybase:
imported from this PR
They appear to match to me based on this? maybe some metadata is in a different order or something? I'm not sure I guess if desired, I could update this one to match the keybase one exactly? |
I think ideally they should match exactly. Makes it easier to verify. |
5d14edc
to
c3f2474
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK c3f2474
Issue being fixed or feature implemented
I've added 2 subkeys to my GPG key
29590362EC878A81FD3C202B52527BEDABE87984
to better follow best practices, which avoids using your primary key whenever possible. All future git commit signing, and potentially releases will be signed by a subkey instead of the primary key.These updated subkeys keys are now included on all the major keyservers
hkps://keyserver.ubuntu.com
hkps://pgp.mit.edu
hkps://keyserver.ubuntu.com
keybase has 1 of the 2 subkeys already, will add the other soon.
What was done?
How Has This Been Tested?
Breaking Changes
Users who validate my signatures may have to refresh the key from keyservers via
gpg --refresh-keys
or pull down from keybase viacurl https://keybase.io/pasta/pgp_keys.asc | gpg --import
Checklist: