BLUG Wiki

User Tools

Site Tools

You are here: start » blug-canary-1
Trace:
blug-canary-1

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
blug-canary-1 [2019/07/20 13:51]
BLUG Admin 		blug-canary-1 [2020/02/21 02:08]
persmule
Line 12: Line 12:
 Hash: SHA512 Hash: SHA512
  
-BEIJING GNU/LINUX USER GROUP CANARY (1/3)+BEIJING GNU/LINUX USER GROUP CANARY (2/3)
 ==================================== ====================================
  
-Issued for July 2019.+Issued for February 2020.
  
 Don't just trust the contents of this file blindly! Verify the Don't just trust the contents of this file blindly! Verify the
Line 23: Line 23:
 ~~~~~~~~~~~~~ ~~~~~~~~~~~~~
  
-* biergaizi: 0xFAD3EB05E88E8D6D +* biergaizi: 0x255211B2395A5A3E0E48A0F1FAD3EB05E88E8D6D 
-* persmule : 0x2987A25DAC8454A5 +* persmule : 0xEDFFE248ECFACDE3C805906804A40D21DBB89B60 
-vimacs   0xEA2DB82FE04A9403+wnereiz  0x0A6A91990AC98712274AA18DFDFF2E13AA25BE72
  
 THREE DOCUMENTS IN TOTAL. THREE DOCUMENTS IN TOTAL.
Line 32: Line 32:
 one is located at: one is located at:
  
-* https://beijinglug.club/wiki/doku.php?id=blug-canary-2+* https://beijinglug.club/wiki/doku.php?id=blug-canary-3
  
 It is possible that the signatures are not updated at the same time, It is possible that the signatures are not updated at the same time,
Line 62: Line 62:
 8. Our personal safety and security is not threatened. 8. Our personal safety and security is not threatened.
  
-9. We plan to publish the next of these canary statements in the first three +9. To avoid security breaches and emphasize the clarity of the warrant canary 
-weeks of August 2019. Special note should be taken if no new canary is +documents, if a signer is temporarily unavailable, only existing signers in the 
-published by that time or if the list of statements changes without plausible explanation.+"Signer" list SHALL sign a special placeholder notice (this notice itself SHOULD 
 +NOT be considered a valid canary document) until the signer becomes available 
 +again and signs the missed documents. A new signer SHOULD NOT sign a warrant 
 +canary document only due to the temporary unavailability of a existing signer. 
 + 
 +10. We plan to publish the next of these canary statements in the first three 
 +weeks of March 2020. Special note should be taken if no new canary is published 
 +by that time or if the list of statements changes without plausible explanation.
  
 Special Announcements Special Announcements
 ~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~
  
-1. Due to personal reason, wnereiz (0xFDFF2E13AA25BE72) is no longer available +1. Since mid-October, persmule's old signing key 0x2987A25DAC8454A5 has 
-and couldn't sign the warrent canary before the end of June 2019. This is not +expired. A new key, 0xEDFFE248ECFACDE3C805906804A40D21DBB89B60, has been 
-a result of any incidentAll statements of the warrent canary documents are +created and uploaded to https://keys.openpgp.org/it can be obtained from 
-still valid.+this keyserver. 
 + 
 +2. The new key will be used by persmule to sign future warrant canary 
 +documents. You can verify the signature by crosschecking the other two 
 +documents signed by biergaizi and wnereiz for consistency. 
 + 
 +3. Due to this key rollover, the October message was not signed by persmule. 
 +This did/does not indicate a security incident, all of the statements above 
 +were valid, and are still valid. 
 + 
 +4. Recent attacks on OpenPGP keyservers have raised great security concerns 
 +within the community, as a countermeasure, persmule's personal User-ID has 
 +not published to the https://keys.openpgp.org/ keyserver. Instead, only 
 +cryptographic information can be obtained from the keyserver, without any 
 +User-ID. Currently, it's impossible to import a OpenPGP public key without 
 +User-ID to a standard GnuPG installation, as a result, it's not possible 
 +for a 3rd-party to verify the canary document signed by persmule. 
 + 
 +5. We are looking for a solution. But for now, we decided that the best 
 +option is starting publishing new canary documents using the new key. 
 +As a temporary measure, you can check the canary documents signed by 
 +biergaizi and wnereiz to decide the validity of the Statements. By signing 
 +their own copies, it indicates that the new key has been verified privately 
 +by them as valid. 
 + 
 +6. This effectively reduced the number of signers to two people. It reduces 
 +the level of confidence, but currently there is no alternative option yet. 
 + 
 +7. Once the technical problem of OpenPGP public key without User-ID is 
 +resolved, you can check the previous signatures retroactively, and this 
 +would effectively restore the level of confidence. You can archive 
 +persmule's signature as soon as it's published to your own machine to 
 +ensure no data tampering has occured. 
 + 
 +8. Unlike persmule, biergaizi and wnereiz's signing keys are unchanged, 
 +but the Key-IDs have been changed to its full fingerprint format in the 
 +canary document for clarity.
  
-2new membervimacs (0xEA2DB82FE04A9403) has became a new signer since this +9When new information is availableit will be published in the "Special 
-month. You can validate the new keys by cross-checking the other two copies of +Announcements" section in future warrant canary documents.
-this document, signed by biergaizi and persmule. Or by checking the Web of Trust.+
  
 Proof of Freshness Proof of Freshness
Line 82: Line 124:
  
 $ rsstail -1 -n5 -N -u https://www.telegraph.co.uk/news/rss.xml $ rsstail -1 -n5 -N -u https://www.telegraph.co.uk/news/rss.xml
- US pushes for talks as North Korea hints it may lift nuclear test moratorium + US intelligence chief replaced 'after clash with Donald Trump over Russian bid to boost re-election' 
- Nazanin Zaghari-Radcliffe transferred to hospital psychiatric ward in Iran, says husband + Windrush draft report that called Home Office institutionally racist 'was watered down' 
- Donald Trump condemned by Congress as he says he does not have 'racist bonein his body + Grace Millane killer sentenced to life in prison in New Zealand for murder of British backpacker 
- UK enjoys partial lunar eclipse on 50th anniversary of Apollo 11 moon mission launch + Regent's Park mosque stabbing: man in his 70s attacked during prayers 
- R Kelly pleads not guilty as singer denied bail on US charges of sex crimes+ Thursday evening news briefing: Stabbing in London mosque
  
 $ rsstail -1 -n5 -N -u https://rss.nytimes.com/services/xml/rss/nyt/World.xml $ rsstail -1 -n5 -N -u https://rss.nytimes.com/services/xml/rss/nyt/World.xml
- A Prosperous China Says Men Preferred, and Women Lose + Coronavirus Live Updates: Clusters in Japan May Hint at How Virus Spreads 
- Epsteins Ties to Former Israeli Leader Shake Up Election Campaign + Far-Right Shooting Shatters an Already Fragile Sense of Security in Germany 
- Runaway Train Explosion Killed 47, but Deadly Cargo Still Rides the Rails + Police State With an Islamist Twist: Inside Hifters Libya 
- Irans Top Leader Strikes Defiant Tone as Trump Says Were Not Looking for Regime Change + U.S. and Allies Blame Russia for Cyberattack on Republic of Georgia 
- Turkeys Erdogan Goes His Own Way as Distrust With U.S. Grows+ Suspect Arrested in Stabbing at London Mosque
  
 $ date -R -u $ date -R -u
-Wed17 Jul 2019 04:56:55 +0000+Fri21 Feb 2020 02:01:48 +0000
  
 -----BEGIN PGP SIGNATURE----- -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2 
  
-iQIzBAEBCgAdFiEEJVIRsjlaWj4OSKDx+tPrBeiOjW0FAl0zG+gACgkQ+tPrBeiO +iQEzBAEBCgAdFiEEwonfPqgFyacM7J3iwYAPuUJ74CEFAl5POx0ACgkQwYAPuUJ7 
-jW10VA//T5gyg2+EnF8eqBC/C7zHbjlMA4TCA/txSfJjasrr7BbygvZdMLYlkUo2 +4CFEBAgAzvltWGMHElouFtnWIfb5EU0LL9Zlfhg2V8KZ/fe+bL6mKw1H9gxwTo08 
-UzZDsoVk3hFtEFLQxXsICp2Yji8utHdYvTjS5b8HC0jJaMUzvsUAjKlBugUTLwQa +oi+GBRYQz8l4AVU1YTDO2aZNUYATIxsiBhFAEpGe1xoh3ui/9bZbUAtMZBHfoHK3 
-TM17kG8Wnobvmgcz/hW8FysiN9yS67Air9ZcN5YPaWs0gseqMlJZ2JLlH+HGbV52 +ff6UnbfbHZOWUyfh03UNllZ3cdVBzQ9c64LrFlPmu2zNaif2/QTvESOpuDfNwRoR 
-sMkCgaGofvJCIijC1R5CXIZ6zKA78Rn7ItZPFbQmgrdiUjbdNhlecYv9fHL/sAON +CDsOg434SMB5T8mruLDy7NPyqey+03BpkhEMalskn6ra8FQWmct7q2xVfkB5HRhy 
-jY3lD37piqHSQxjIB6EX8BxDUN85D8thoQbdbe6XMMuG5LkStFZjrqJ9G6UcD1ME +l4SGWGNI8eE9+atyH/wKM46Ytdx0zgBCHQ95yeWa4kwAn6EP9kYMEqMRCSAdHauW 
-JDMt5ffIgKE5+s8+fHZ3rGjD0Vu929f4v7UdRK6lncbjUF8UH40N45qk698T0cj3 +Mp4GAH94izVkxwDQ6R7X9o2WdmZh7w=
-rIgy/uOt03xi6EqThhLcJvQLCZU8U3aH4oCC4hArlIw2yiO7yZXeNcH040uP935o +=1OSg
-hQZ4CfukOuAOTQ2Ar4c4gQpBr+K5pPRfFVZBg2ZLJ3QvC7cH/T6rqEQDn9vyz/7f +
-hp3YdMsN4E+769yBx0l3ByeMYrII3KPO+CYgWc8Hyvn74/jJzBlx7GP5aohQG/Gk +
-uFKLYqA6dVEy611j8o6l0P0QXbVywMPE+ZfW8ncK3MQmzL1wfOeOWUz4OTR4xXOd +
-Zgz2oCg6ZnMr5XsbVCymik8e10Z9WAZk7kNSXO16z8alXVhIWWc+
-=qwGD+
 -----END PGP SIGNATURE----- -----END PGP SIGNATURE-----
 </code> </code>
blug-canary-1.txt · Last modified: 2024/04/30 16:36 by BLUG Admin

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Driven by DokuWiki Template From SyntaxSeed