As the infrastructure liaison to release engineering, I'd like to
provide a status update and clarification on the matter of PGP signing
For older releases, we used key ID 0x17072058, however this key was
strictly controlled and only used for non-automated releases. We intend
to keep this key seperate for this reason.
For the new weekly releases, as of last week, they are signed, with a
new unattended key, ID 0x2D182910.
The active list of signing keys is now being made available here:
Complete list of IDs and fingerprints, as of 2009/09/02.
Main (non-automated) signing:
Fingerprint: D99E AC73 79A8 50BC E47D A5F2 9E64 38C8 1707 2058
Weekly automated releases:
Fingerprint: 13EB BDBE DE7A 1277 5DFD B1BA BB57 2E0E 2D18 2910
Fingerprint: AE54 54F9 67B5 6AB0 9AE1 6064 0838 C26E 239C 75C4
Robin Hugh Johnson
Gentoo Linux: Developer, Trustee & Infrastructure Lead
E-Mail : firstname.lastname@example.org
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85