Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
debian: Update debian/upstream/signing-key.asc
This change is needed for debian packaging effort of latest release 0.17.0 #263 Because this key update is critical in the trust's chain, may I request upstream to double check and acknowledge this change. This key was obtained from WoT using: wget https://files.pythonhosted.org/packages/3a/7d/d1cadc8c68cdfe035412ca11a2fa3105a0a3fd18e4212053cf8f67bdd02a/tuf-0.17.0.tar.gz wget https://files.pythonhosted.org/packages/3a/7d/d1cadc8c68cdfe035412ca11a2fa3105a0a3fd18e4212053cf8f67bdd02a/tuf-0.17.0.tar.gz.asc gpg --verify tuf-0.17.0.tar.gz.asc gpg: assuming signed data in 'tuf-0.17.0.tar.gz' gpg: Signature made Thu 25 Feb 2021 12:42:50 PM CET gpg: using RSA key 08F3409FCF71D87E30FBD3C21671F65CB74832A4 gpg: Can't check signature: No public key gpg --recv-key 08F3409FCF71D87E30FBD3C21671F65CB74832A4 \ --keyserver hkp://keys.gnupg.net gpg --verify ../tuf-0.17.0.tar.gz.asc gpg --fingerprint 08F3409FCF71D87E30FBD3C21671F65CB74832A4 # pub rsa3072 2020-03-17 [SC] [expires: 2030-03-15] # 08F3 409F CF71 D87E 30FB D3C2 1671 F65C B748 32A4 # uid [ unknown] Joshua Lock (GPG on YubiKey) <[email protected]> # sub rsa3072 2020-03-17 [E] [expires: 2030-03-15] # sub rsa3072 2020-03-17 [A] [expires: 2030-03-15] gpg --armor --export 08F3409FCF71D87E30FBD3C21671F65CB74832A4 \ > debian/upstream/signing-key.asc Cc: Sebastien Awwad <[email protected] @awwad> Cc: Lukas Puehringer <[email protected] @lukpueh> Cc: Joshua Lock <[email protected] @joshuagl> Relate-to: https://www.debian.org/doc/manuals/debmake-doc/ch05.en.html#signing-key Origin: https://github.com/CrossStream/tuf/tree/debian/master Forwarded: https://github.com/theupdateframework/tuf/pulls/rzr Signed-off-by: Philippe Coval <[email protected]>
- Loading branch information