blug-canary-3
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
blug-canary-3 [2019/09/04 06:16] Wu Delin |
blug-canary-3 [2025/09/30 02:09] (current) vimacs |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Beijing GNU/Linux User Group Canary (3/3) ====== | ====== Beijing GNU/Linux User Group Canary (3/3) ====== | ||
| - | < | + | < |
| - | -----BEGIN PGP SIGNED MESSAGE----- | + | |
| Hash: SHA512 | Hash: SHA512 | ||
| Line 8: | Line 7: | ||
| ==================================== | ==================================== | ||
| - | Issued for August 2019. | + | Issued for September 2025. |
| Don't just trust the contents of this file blindly! Verify the | Don't just trust the contents of this file blindly! Verify the | ||
| Line 16: | Line 15: | ||
| ~~~~~~~~~~~~~ | ~~~~~~~~~~~~~ | ||
| - | * biergaizi: | + | * biergaizi: |
| - | * persmule : 0x2987A25DAC8454A5 | + | * persmule : 0x7636112A33805777A0646B1BFA7C50B699AC61D2 |
| - | * wnereiz | + | * vimacs |
| THREE DOCUMENTS IN TOTAL. | THREE DOCUMENTS IN TOTAL. | ||
| Line 55: | Line 54: | ||
| 8. Our personal safety and security is not threatened. | 8. Our personal safety and security is not threatened. | ||
| - | 9. To avoid security breaches and emphasize the clarity of the warrent | + | 9. To avoid security breaches and emphasize the clarity of the warrant |
| documents, if a signer is temporarily unavailable, | documents, if a signer is temporarily unavailable, | ||
| " | " | ||
| NOT be considered a valid canary document) until the signer becomes available | NOT be considered a valid canary document) until the signer becomes available | ||
| - | again and signs the missed documents. A new signer SHOULD NOT sign a warrent | + | again and signs the missed documents. A new signer SHOULD NOT sign a warrant |
| canary document only due to the temporary unavailability of a existing signer. | canary document only due to the temporary unavailability of a existing signer. | ||
| 10. We plan to publish the next of these canary statements in the first three | 10. We plan to publish the next of these canary statements in the first three | ||
| - | weeks of October | + | weeks of October |
| by that time or if the list of statements changes without plausible explanation. | by that time or if the list of statements changes without plausible explanation. | ||
| + | |||
| + | 11. Due to the ongoing security issues of OpenPGP keyservers, it makes signature | ||
| + | verification an issue and somewhat a challenge. For completeness, | ||
| + | procedures for canary verification is included here. | ||
| Special Announcements | Special Announcements | ||
| Line 70: | Line 73: | ||
| None. | None. | ||
| + | |||
| + | Canary Verification Procedures | ||
| + | ~~~~~~~~~~~~~~~~~~~~~~~~ | ||
| + | |||
| + | 1. To verify biergaizi' | ||
| + | |||
| + | a. Obtain the public key from any traditional OpenPGP Keyserver, such as | ||
| + | https:// | ||
| + | is 0x255211B2395A5A3E0E48A0F1FAD3EB05E88E8D6D. | ||
| + | |||
| + | b. Use the latest GnuPG in any operating system. | ||
| + | |||
| + | 2. To verify persmule' | ||
| + | |||
| + | a. Due to the previous attacks on OpenPGP keyservers, persmule has published | ||
| + | the OpenPGP public key to https:// | ||
| + | the standard method, it's impossible to import a OpenPGP public key without | ||
| + | User-ID. But since April 2013, we have developed a workaround, described | ||
| + | below. | ||
| + | |||
| + | b. Obtain the dummy public key from any traditional OpenPGP Keyserver, | ||
| + | such as https:// | ||
| + | fingerprint is 0x7636112A33805777A0646B1BFA7C50B699AC61D2. Note that, to | ||
| + | import this key, one must copy and paste the key in ASCII from the Keyserver | ||
| + | website to a file or console and use the command "gpg --import" | ||
| + | technical problem, Using "gpg --recv-key" | ||
| + | work. | ||
| + | |||
| + | c. This is a special dummy public key with its User-IDs and subkeys stripped | ||
| + | that we specifically created, leaving only a " | ||
| + | E-mail address, "Kikek < | ||
| + | allowing the subsequent import of additional subkeys. | ||
| + | |||
| + | d. Next, with the stub key already imported, obtain the public key from | ||
| + | https:// | ||
| + | Because the dummy key with its stub User-ID is already in presence, it's | ||
| + | now possible to import the https:// | ||
| + | |||
| + | e. Use the latest GnuPG in most operating system, the signatures made by | ||
| + | persmule' | ||
| + | |||
| + | 3. To verify vimacs' | ||
| + | |||
| + | a. Obtain the public key from any traditional OpenPGP Keyserver, such as | ||
| + | https:// | ||
| + | is 0x7079B481F04B5D8B65A0ECDEEA2DB82FE04A9403. | ||
| + | |||
| + | b. Use the latest GnuPG in any operating system. | ||
| Proof of Freshness | Proof of Freshness | ||
| Line 75: | Line 126: | ||
| $ rsstail -1 -n5 -N -u https:// | $ rsstail -1 -n5 -N -u https:// | ||
| - | Record 120m heroin shipment found concealed in bathrobes at Suffolk port | + | BBC Breakfast boss cleared |
| - | | + | Northern Lights shine across |
| - | Royal family pictures of the week | + | GCSE results day 2025: What time will grades be released today? |
| - | Hurricane Dorian: ' | + | Ucas Clearing 2025: How to get a last-minute university place |
| - | ' | + | |
| $ rsstail -1 -n5 -N -u https:// | $ rsstail -1 -n5 -N -u https:// | ||
| - | Brexit Vote Goes Against Boris Johnson, | + | Middle East Updates: Trump Releases Gaza Plan and Says Hamas Must Accept It |
| - | A Disastrous Outcome: In Bahamas, Hurricane Cripples Rescue Efforts | + | Brazils Homegrown Payment System Is Target of Trump Administration |
| - | As Deaths Mount, France Tries to Get Serious About Domestic Violence | + | |
| - | Britains Conservatives Erupt Into Civil War as Unlikely Rebels Defy Boris Johnson | + | Octopuses Invade English Coast, Eating Anything in Their Path |
| - | What to Know as Boris Johnson and Parliament Face Off on Brexit | + | Colombias President Reinforces Common Stereotype, Sparking Widespread Backlash |
| $ date -R -u | $ date -R -u | ||
| - | Wed, 04 Sep 2019 06:12:32 +0000 | + | Tue, 30 Sep 2025 02:08:03 +0000 |
| -----BEGIN PGP SIGNATURE----- | -----BEGIN PGP SIGNATURE----- | ||
| - | iQIzBAEBCgAdFiEE3n2KYOSW/ | + | iHUEARYKAB0WIQRlsdhNDMVQSujfnGCovW2B2flWVAUCaNs7pAAKCRCovW2B2flW |
| - | QYSoZg// | + | VHzsAQDVhKSjIX5CPgkbnajXRB5RkbRHyIgalSno48EqI+PFzgEA+1TlCHf8Z7r4 |
| - | t6ShgRtfXZJGuHuoRRzJANRuhf6jfdDEVKBweDjxYbzO/ | + | 4brzkUjNPFO+JMQLnazU9SDsgO6VHw8= |
| - | cOUXQNynZNAVArDBs8Ckb6vkJNI6Sd8qQCqlIENg+L95Vi4NrZFw6jr2tqTDqzIr | + | =k12e |
| - | 30OHn9VfUeqqrMl5F44heusyHtsqfqOPgxHyEubjoJ+WMko39aL9rn6sIa95CgTP | + | |
| - | l5OcmIiraZDMaR0m76ujkZVmODJbt1zEAnXH0Det9Q1J/ | + | |
| - | gns+d6Ij47+BlSoe+Lg7Blv81oT21bdeHGkFBWEQI80vpI40IjNIAxGe3CITbIEl | + | |
| - | LUalouPDbwshtHZUWAJpZg6DKaVLD+DP9miL0lamkT4EQw7XQsbQlSbSpPs4KLiA | + | |
| - | KI15DLaIRKrNMNU9jXAub8RXrS7Mn+4RHvGj/ | + | |
| - | Wh4GtenlBHTuhDTotiuqpQ+qzkf3Jw8XHgNyF17AFt/ | + | |
| - | nkhdiYfQnOmJgiXycqTnvVL8EbzrJI7laHBPXusnkFqFHtAdvNabrC6dyfv+3AWr | + | |
| - | fS2FgX5Zpq4+O7Uu0U7dniaAbt6qs3/ | + | |
| - | =8Vqq | + | |
| -----END PGP SIGNATURE----- | -----END PGP SIGNATURE----- | ||
| </ | </ | ||
blug-canary-3.1567577802.txt.gz · Last modified: 2019/09/04 06:16 by Wu Delin
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
