[EMAIL PROTECTED] wrote: > Author: markt > Date: Sat Nov 15 04:59:01 2008 > New Revision: 714246 > > URL: http://svn.apache.org/viewvc?rev=714246&view=rev > Log: > Update KEYS with changes from 6.0.x (Remy updated his key)
> -pub 1024D/41E49465 2006-11-08 > - Key fingerprint = 80FF 76D8 8A96 9FE4 6108 558A 80B9 53A0 41E4 9465 > -uid Remy Maucherat <[EMAIL PROTECTED]> > -sig 3 41E49465 2006-11-08 Remy Maucherat <[EMAIL PROTECTED]> > -sub 4096g/D07A28EB 2006-11-08 > -sig 41E49465 2006-11-08 Remy Maucherat <[EMAIL PROTECTED]> > +pub 1024D/288584E7 2008-07-02 > +uid Rémy Maucherat <[EMAIL PROTECTED]> > +sub 4096g/4B6FAEFB 2008-07-02 Hmmm... if anything is signed with 41E49465 or its subkeys, that key should not be pulled from KEYS. Adding a new key is sufficient. If he has revoked key 41E49465, files signed in http://archive.apache.org/ are now suspect and must be pulled down, and re-signed. Quite a PITA. Hopefully 41E49465 is not comprimized and could still sign 2288584E7 as its descendant (full-trust), which solves the problem of the limited # of signatures on a brand new key. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
