BLUG Wiki

User Tools

Site Tools

You are here: start » blug-canary-2
Trace:
blug-canary-2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision Both sides next revision
blug-canary-2 [2020/05/12 03:48]
persmule 		blug-canary-2 [2020/05/14 12:40]
persmule
Line 71: Line 71:
 1. Due to personal reasons, wnereiz (0xFDFF2E13AA25BE72) voluntarily decided 1. Due to personal reasons, wnereiz (0xFDFF2E13AA25BE72) voluntarily decided
 to quit from the warrant canary team and he is no longer a signer of the to quit from the warrant canary team and he is no longer a signer of the
-warrant canary documents since April 15th, 2019. All statements from the+warrant canary documents since April 15th, 2020. All statements from the
 warrant canary documents before this date are still valid. This is an official warrant canary documents before this date are still valid. This is an official
-desicion that can be verified by checking the warrant canary document in April,+decision that can be verified by checking the warrant canary document in April,
 signed by wneriez. signed by wneriez.
  
-2. A new member, vimacs (0xEA2DB82FE04A9403) has became a new signer since this+2. In the previously mentioned document designed by wneriez in April 2020, 
 +the date in its statements was mistakenly written as "April 15th, 2019", 
 +which was a typo, but cannot be changed due to the nature of digital signature. 
 +We declare that it's hereby corrected to "April 15th, 2020"
 + 
 +3. A new member, vimacs (0xEA2DB82FE04A9403) has became a new signer since this
 month. You can validate the new keys by cross-checking the other two copies of month. You can validate the new keys by cross-checking the other two copies of
 this document, signed by biergaizi and persmule. this document, signed by biergaizi and persmule.
  
-3. Due to the ongoing security issues of OpenPGP keyservers, it makes signature+4. Due to the ongoing security issues of OpenPGP keyservers, it makes signature
 verification an issue and somewhat a challenge. For completeness, complete verification an issue and somewhat a challenge. For completeness, complete
 procedures for canary verification has been added. procedures for canary verification has been added.
  
-Canary Verification Procedure+Canary Verification Procedures
 ~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~
  
Line 99: Line 104:
     a. Unfortunately, it's not possible yet. Recent attacks on OpenPGP key-     a. Unfortunately, it's not possible yet. Recent attacks on OpenPGP key-
     servers have raised great security concerns within the community, as a     servers have raised great security concerns within the community, as a
-    countermeasure, persmule'personal User-ID han bees published to the+    countermeasure, persmule'new public key has been published to the
     https://keys.openpgp.org/ keyserver, but without a User-ID. Currently,     https://keys.openpgp.org/ keyserver, but without a User-ID. Currently,
     it's impossible to import a OpenPGP public key without User-ID for a     it's impossible to import a OpenPGP public key without User-ID for a
Line 110: Line 115:
     no alternative option yet.     no alternative option yet.
  
-    c. Once the technical problem of OpenPGP public key without User-ID is+    c. Once the technical problem of using a public key without User-ID is
     resolved, you can check the previous signatures retroactively, and this     resolved, you can check the previous signatures retroactively, and this
     would effectively restore the level of confidence. You can archive the     would effectively restore the level of confidence. You can archive the
Line 124: Line 129:
  
     b. Use Debian GNU/Linux operating system and install GnuPG. Other operating     b. Use Debian GNU/Linux operating system and install GnuPG. Other operating
-    systems may lack necessary out-of-tree GnuPG patches required, Debian must +    systems may lack the necessary out-of-tree GnuPG patches required, Debian 
-    be used.+    must be used.
  
     c. Fetch vimacs' old public key from a traditional OpenPGP Keyserver, such     c. Fetch vimacs' old public key from a traditional OpenPGP Keyserver, such
Line 144: Line 149:
     f. Now, it's possible to verify the signature by following the standard     f. Now, it's possible to verify the signature by following the standard
     procedures. Ignore the "key expired" warning (because the latest UID is     procedures. Ignore the "key expired" warning (because the latest UID is
-    not published, only the expired UIDs are available.+    not published, only the expired UIDs are available).
  
 Proof of Freshness Proof of Freshness
Line 150: Line 155:
  
 $ rsstail -1 -n5 -N -u https://www.telegraph.co.uk/news/rss.xml $ rsstail -1 -n5 -N -u https://www.telegraph.co.uk/news/rss.xml
- When will UK lockdown end? The Government's exit plan, explained + Travel restriction updates: Antibody tests could allow holidays to resume 
- Can I see my family or friends under the new social distancing rules+ Clap For Our Carers: what time is the NHS applause tonight
- How does a coronavirus antibody home test kit work, and how do I get one? + Suicide bomb in eastern Afghanistan kills five 
- What essential shops are open during the coronavirus lockdown? + Exclusive: Second more deadly wave of coronavirus 'to hit Europe this winter' 
- 'I can't get a supermarket home delivery slot - what should do?' Coronavirus Q&A+ Can take ibuprofen to treat coronavirus symptomsExpert advice on painkillers and Covid-19
  
 $ rsstail -1 -n5 -N -u https://rss.nytimes.com/services/xml/rss/nyt/World.xml $ rsstail -1 -n5 -N -u https://rss.nytimes.com/services/xml/rss/nyt/World.xml
- Coronavirus World Tracker: GermanyBritain, Wuhan + Coronavirus World Updates 
- China Is Defensive. The U.S. Is Absent. Can the Rest of the World Fill the Void? + Born Into Carnage18 Afghan Babies Face an Uncertain Fate 
- Victim or Executioner? Let the Computer Decide + Inside China's Ambitious Plan to Test Wuhan's 11 Million Residents for Coronavirus 
- This Afghan General Fought the Taliban for Years. Now He Has Joined Them. + Outside Egypt, Critics Speak FreelyInsideFamilies Pay the Price. 
- If U.K. Schools ReopenWill the Students Return?+ Duterte's Shutdown of ABS-CBN Network Leaves Void in Coronavirus Crisis
  
 $ date -R -u $ date -R -u
-Tue12 May 2020 03:46:23 +0000+Thu14 May 2020 12:35:27 +0000
  
 -----BEGIN PGP SIGNATURE----- -----BEGIN PGP SIGNATURE-----
  
-iQEzBAEBCgAdFiEEwonfPqgFyacM7J3iwYAPuUJ74CEFAl66HEIACgkQwYAPuUJ7 +iQEzBAEBCgAdFiEEwonfPqgFyacM7J3iwYAPuUJ74CEFAl69OxsACgkQwYAPuUJ7 
-4CF6NQf/TS4UfVqBwMSradcYixPXfl2i6jTevfPL7V4I0Ufns1S7xrZP8CwgsQn0 +4CENcwf/fXxmuSk2jZh67on74z8JB+RX5UJIcfs7fDOeoQuAZ7xN/cT/Rqe71dhn 
-iItnqAL9KxRSWgJr9vZ7SRGuURojeWDXiSrAT1HS3QSBPuPyq91nbc8YrnigNkwZ +jb9rpgAPUtg1eTeX+tN3B2ucCvDkLjzeHGRj7vzlW3acupiCuu1lHlQhoEDH3lBP 
-rCiB/ukr4gQS1YoANX7z8ITUXA0ndLml8G8BoFP1Lwd2IDPniI+itEZCMEaxMYoC +HF58RQwrYRoPpA4zfCXsp4cfNj5MVd9DL1Gm6QPm/tqkIQr1q4cMT5OfDoYBUAsf 
-OhYaeDppHgdNqbWvl8ssSPUaNvtWd0Uvmiv3vI6+GcSnm3lNivFQRRUeUrd2nXcY +XK0Gk3oBHXNJVjuImYf27Yzh/o2qS1jAo2r/8iaEqxmYet3fvobX7HikbsJgXLV9 
-I4Xp/nGAOpDgIkblEdgPd0VctZWufbisO+U7kGaQAUUWlPLgOqTkGxoPrUdiaxP+ +29jAaI/rkAsZ8LCtoRkZFhpk8r7ORYbs0pSzmxTW0fXlH3BhNErnQKgNG79JxPyh 
-dhBbyEZSCCizvGKLC8imusNQhGIZdg== +oHfYkK5sykO5z5ga+kJ4baPxo1MKWQ== 
-=F6Qz+=XEKh
 -----END PGP SIGNATURE----- -----END PGP SIGNATURE-----
 </code> </code>
blug-canary-2.txt · Last modified: 2024/03/31 15:06 by persmule

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Driven by DokuWiki Template From SyntaxSeed