Closed
Bug 497690
Opened 15 years ago
Closed 15 years ago
Renew GPG key before it expires
Categories
(Release Engineering :: General, defect, P2)
Release Engineering
General
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: joduinn, Assigned: joduinn)
Details
Attachments
(1 file)
|
3.73 KB,
text/plain
|
nthomas
:
checked-in+
|
Details |
During FF3.0.11 release, catlee noticed this GPG key will expire in July (16th?). We need to renew the key before it expires.
|
Assignee | |
Comment 1•15 years ago
|
||
Got sidetracked with FF3.5.0 and Q2/Q3 goals. Suddenly its now 08july. Bumping priority.
Priority: -- → P2
|
|
Assignee | |
Comment 2•15 years ago
|
||
Found bug#377781, where I did this two years ago, last time the key expired.
|
||
Comment 3•15 years ago
|
||
FYI: According to http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/3.5.1-candidates/build1/KEY, it does expire on the 16th. I just finished signing 3.5.1 so we made the cut off there
|
|
Assignee | |
Comment 4•15 years ago
|
||
(In reply to comment #3) > FYI: > According to > http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/3.5.1-candidates/build1/KEY, > it does expire on the 16th. > > I just finished signing 3.5.1 so we made the cut off there ....so we *just* made the cutoff! Phew! Thanks Ben.
|
|
Assignee | |
Comment 5•15 years ago
|
||
dveditz and I looked over this together in person, but posting here for the record.
|
|
Assignee | |
Comment 6•15 years ago
|
||
New private key now on signing machine, Lukas is trying it now. Stay tuned. Meanwhile, should I checkin this new public key into the repo, just like we did for bug#377781? Or has this now moved to a new hg-based location?
|
||
Comment 7•15 years ago
|
||
(In reply to comment #6) > [...] > Meanwhile, should I checkin this new public key into the repo, just like we did > for bug#377781? Or has this now moved to a new hg-based location? That's a very good question, and one I am asking similarly for the new comm-central signing keys in bug 499709 comment #1. Any insight/opinions would be most welcome as to where would a good place be to stick these trusted public keys.
|
|
Assignee | |
Comment 8•15 years ago
|
||
nthomas did an additional manual test, which looks good too: -bash-3.00$ gpg --verify firefox-3.0.12.tar.bz2.asc firefox-3.0.12.tar.bz2 gpg: Signature made Mon 20 Jul 2009 05:53:54 PM PDT using DSA key ID 17785FE8 gpg: Good signature from "Mozilla Software Releases <releases@mozilla.org>" gpg: checking the trustdb gpg: checking at depth 0 signed=1 ot(-/q/n/m/f/u)=0/0/0/0/0/3 gpg: checking at depth 1 signed=0 ot(-/q/n/m/f/u)=1/0/0/0/0/0 gpg: next trustdb check due at 2011-07-20
|
|
||
Comment 9•15 years ago
|
||
(In reply to comment #6) > Meanwhile, should I checkin this new public key into the repo, just like we did > for bug#377781? Or has this now moved to a new hg-based location? CVS mofo is still the right place for this.
|
||
Updated•15 years ago
|
Attachment #389589 -
Flags: checked‑in+
|
|
||
Comment 10•15 years ago
|
||
Comment on attachment 389589 [details]
new public key with added header text
Updated the public key in the mofo repo.|
|
Assignee | |
Comment 11•15 years ago
|
||
We used this new key on FF3.0.12, which we shipped yesterday. Now tidying up bugs. Posted renewed public key, and verified, on: pgp.mit.edu pgpkeys.mit.edu Skipped the following keymasters because of errors: keyserver.veridis.com redirects to keyserver.veridis.com:11371/disabled.jsp. wwwkeys.pgp.net redirects to http://wwwkeys.pgp.net/apache2-default. Thats it for another 2 years, so closing.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
|
||
Updated•11 years ago
|
Product: mozilla.org → Release Engineering
You need to log in
before you can comment on or make changes to this bug.
Description
•