Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update pasta gpg key to reflect new subkeys #6290

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

chore: update pasta gpg key to reflect new subkeys #6290

wants to merge 1 commit into from

Conversation

PastaPastaPasta
Copy link
Member

@PastaPastaPasta PastaPastaPasta commented Sep 26, 2024
edited
Loading

Issue being fixed or feature implemented

I've added 2 subkeys to my GPG key 29590362EC878A81FD3C202B52527BEDABE87984 to better follow best practices, which avoids using your primary key whenever possible. All future git commit signing, and potentially releases will be signed by a subkey instead of the primary key.

These updated subkeys keys are now included on all the major keyservers
hkps://keyserver.ubuntu.com
hkps://pgp.mit.edu
hkps://keyserver.ubuntu.com

keybase has 1 of the 2 subkeys already, will add the other soon.

What was done?

How Has This Been Tested?

Breaking Changes

Users who validate my signatures may have to refresh the key from keyservers via gpg --refresh-keys or pull down from keybase via curl https://keybase.io/pasta/pgp_keys.asc | gpg --import

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have added or updated relevant unit/integration/functional/e2e tests
  • I have made corresponding changes to the documentation
  • I have assigned this pull request to a milestone (for repository code-owners and collaborators only)

@PastaPastaPasta PastaPastaPasta added this to the 22 milestone Sep 26, 2024
@PastaPastaPasta PastaPastaPasta mentioned this pull request Sep 26, 2024
Open
@UdjinM6
Copy link

UdjinM6 commented Sep 27, 2024

keys do not match https://keybase.io/pasta/pgp_keys.asc?fingerprint=29590362EC878A81FD3C202B52527BEDABE87984 🤷‍♂️

@PastaPastaPasta
Copy link
Member Author

keys do not match https://keybase.io/pasta/pgp_keys.asc?fingerprint=29590362EC878A81FD3C202B52527BEDABE87984 🤷‍♂️

Imported via keybase:

pub  rsa4096/52527BEDABE87984
     created: 2019-08-14  expires: 2026-08-16  usage: SC  
     trust: unknown       validity: unknown
sub  rsa4096/99F8136674CE12CB
     created: 2019-08-14  expires: 2026-08-16  usage: E   
sub  ed25519/E2F3D7916E722D38
     created: 2024-09-26  expires: 2026-09-26  usage: S   
sub  ed25519/CDDEA7E911316053
     created: 2024-09-26  expires: 2026-09-26  usage: S   
[ unknown] (1). Pasta <[email protected]>
[ unknown] (2)  Pasta (See keybase.io/pasta for proofs on my identify. 60ACF70BF712645049EE6F15EFEAF16686225F64 is my offline only GPG key.)
[ unknown] (3)  Pasta <[email protected]>

imported from this PR

pub  rsa4096/52527BEDABE87984
     created: 2019-08-14  expires: 2026-08-16  usage: SC  
     trust: unknown       validity: unknown
sub  rsa4096/99F8136674CE12CB
     created: 2019-08-14  expires: 2026-08-16  usage: E   
sub  ed25519/E2F3D7916E722D38
     created: 2024-09-26  expires: 2026-09-26  usage: S   
sub  ed25519/CDDEA7E911316053
     created: 2024-09-26  expires: 2026-09-26  usage: S   
[ unknown] (1). Pasta <[email protected]>
[ unknown] (2)  Pasta (See keybase.io/pasta for proofs on my identify. 60ACF70BF712645049EE6F15EFEAF16686225F64 is my offline only GPG key.)
[ unknown] (3)  Pasta <[email protected]>

They appear to match to me based on this? maybe some metadata is in a different order or something? I'm not sure I guess if desired, I could update this one to match the keybase one exactly?

@UdjinM6
Copy link

UdjinM6 commented Sep 27, 2024

keys do not match https://keybase.io/pasta/pgp_keys.asc?fingerprint=29590362EC878A81FD3C202B52527BEDABE87984 🤷‍♂️

...
They appear to match to me based on this? maybe some metadata is in a different order or something? I'm not sure I guess if desired, I could update this one to match the keybase one exactly?

I think ideally they should match exactly. Makes it easier to verify.

UdjinM6
UdjinM6 approved these changes Sep 27, 2024
View reviewed changes
Copy link

@UdjinM6 UdjinM6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK c3f2474

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@UdjinM6 UdjinM6 UdjinM6 approved these changes

@knst knst Awaiting requested review from knst

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
22
Development

Successfully merging this pull request may close these issues.
2 participants
@PastaPastaPasta @UdjinM6