Re: [knot-dns-users] Debian archive signing key, available over https?

Hi Andreas, the APT key is signed by my quite strongly trusted[1] GPG key: $ gpg --list-sig ftpmaster(a)labs.nic.cz pub 4096R/0xAC0E47584A7A714D 2014-09-09 Key fingerprint = DF3D 585D B8F0 EB65 8690 A554 AC0E 4758 4A7A 714D uid [ full ] CZ.NIC Labs Archive Automatic Signing Key <ftpmaster(a)labs.nic.cz> sig 3 0xAC0E47584A7A714D 2014-09-09 CZ.NIC Labs Archive Automatic Signing Key <ftpmaster(a)labs.nic.cz> sig 3 0x0C99B70EF4FCBB07 2014-09-09 Ondřej Surý <ondrej(a)sury.org> sub 4096R/0xC8206E73FE9AA2B3 2014-09-09 sig 0xAC0E47584A7A714D 2014-09-09 CZ.NIC Labs Archive Automatic Signing Key <ftpmaster(a)labs.nic.cz> We can get more developers to sign this Archive signing key, but I think this is stronger assurance than unsigned server content served by https://. Anyway there's no problem publishing the fingerprint on the webpage, so we'll do that anyway. 1. http://pgp.cs.uu.nl/stats/F4FCBB07.html Cheers, Ondrej -- Ondřej Surý -- Chief Science Officer ------------------------------------------- CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC Americka 23, 120 00 Praha 2, Czech Republic mailto:ondrej.sury@nic.cz http://nic.cz/ ------------------------------------------- ----- Original Message -----