Build Service key

Build Service key

Malte Gell-3
Hello,

I think the [hidden email] key (0x6B9D6523) can be regarded as
a very important key.
Thus, I wonder why is it not signed by the SUSE security team?

It is signed by Marcus Meissner, which is fine, but shouldn't such an
important key be signed as well by the security team or at least by the
openSUSE project signing key?

IMHO that would grant a stronger chain of trust for that key.....
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Re: Build Service key

Thomas Biege
Hello,

I like the idea.

@Richard, what do you think?


On 18.09.17 15:12, linux maillist wrote:

> Hello,
>
> I think the [hidden email] key (0x6B9D6523) can be regarded as
> a very important key.
> Thus, I wonder why is it not signed by the SUSE security team?
>
> It is signed by Marcus Meissner, which is fine, but shouldn't such an
> important key be signed as well by the security team or at least by the
> openSUSE project signing key?
>
> IMHO that would grant a stronger chain of trust for that key.....
>


Viele Grüße / Best regards
Thomas
--
Thomas Biege <[hidden email]>, Team Lead MaintenanceSecurity, CSSLP
https://www.suse.com/security

SUSE Linux GmbH
GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nuernberg)

Re: Build Service key

Marcus Meissner
Hi,

On Thu, Sep 21, 2017 at 05:55:15PM +0200, Thomas Biege wrote:

> Hello,
>
> I like the idea.
>
> @Richard, what do you think?
>
>
> On 18.09.17 15:12, linux maillist wrote:
> > Hello,
> >
> > I think the [hidden email] key (0x6B9D6523) can be regarded as
> > a very important key.
> > Thus, I wonder why is it not signed by the SUSE security team?
> >
> > It is signed by Marcus Meissner, which is fine, but shouldn't such an
> > important key be signed as well by the security team or at least by the
> > openSUSE project signing key?
> >
> > IMHO that would grant a stronger chain of trust for that key.....

I am regularly partaking in FOSDEM and other keysignings if you want to have close
verification of my key and government issued ID.

I have now also signed the 0x6B9D6523 key with the [hidden email] key, as I am a member
of the security team.

Ciao, Marcus

Re: Build Service key

Malte Gell-3
On 28.09.2017 at 22:11, Marcus Meissner wrote:
> (....)
> I am regularly partaking in FOSDEM and other keysignings if you want to have close
> verification of my key and government issued ID.

Oh, you have such a new German ID card with online signature stuff
enabled? You can go to https://pgp.governikus-eid.de/pgp/ and use your
ID card to get your PGP key(s) signed.
Though, you need a Windows machine / VirtualBox to use your ID card......

> I have now also signed the 0x6B9D6523 key with the [hidden email] key, as I am a member
> of the security team.

Why does the security team have two keys?
Is 0x317CD502 the successor to 0x3D25D3D9?
Why did 0x3D25D3D9 need a successor?

thanx
Malte

Re: Build Service key

Johannes Segitz
Hi Malte,

On Wed, Oct 04, 2017 at 02:33:45AM +0200, Malte Gell wrote:
> Why does the security team have two keys?

We use only 0x317CD502, 0x3D25D3D9 is revoked.

> Is 0x317CD502 the successor to 0x3D25D3D9?

Yes

> Why did 0x3D25D3D9 need a successor?

We wanted to increase the key size.

Johannes
--
GPG Key E7C81FA0       EE16 6BCE AD56 E034 BFB3  3ADD 7BF7 29D5 E7C8 1FA0
Subkey fingerprint:    250F 43F5 F7CE 6F1E 9C59  4F95 BC27 DD9D 2CC4 FD66
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg)
