Project

General

Profile

ReleaseKey » History » Version 9

Loic Dachary, 10/22/2016 09:57 PM
update the --recv-key lines with alternate server explicitly set, in case a user has no default and is unfamilar with gpg and/or one of the server is down

1 7 Paul Kocialkowski
h1. Replicant release key
2 1 Paul Kocialkowski
3
The current Replicant release key expires: 2024-01-17 and has fingerprint:
4
<pre>
5 5 Paul Kocialkowski
E776 092B 052A DC91 FDD1 FD80 16D1 FEEE 4A80 EB23
6 1 Paul Kocialkowski
</pre>
7
8
h2. Retrieving the Replicant release key
9
10
h3. From a key server 
11
12 5 Paul Kocialkowski
You can retrieve our signing key from a public key server and import it to your GPG keyring using:
13 1 Paul Kocialkowski
<pre>
14 9 Loic Dachary
gpg --keyserver keys.gnupg.net --recv-key 4A80EB23
15
</pre>
16
or
17
<pre>
18
gpg --keyserver pgp.mit.edu --recv-key 4A80EB23
19 1 Paul Kocialkowski
</pre>
20
21
h3. From our releases
22
23 8 Paul Kocialkowski
A copy of our signing key is shipped with every Replicant release, distributed with [[ReplicantImages|Replicant images]].
24 1 Paul Kocialkowski
Once downloaded, the key can be imported to your GPG keyring using:
25
<pre>
26 6 Paul Kocialkowski
gpg  --armor --import path/to/4A80EB23.asc
27 1 Paul Kocialkowski
</pre>
28
29
h2. Establishing a chain of trust
30
31
In order to establish a chain of trust, you are encouraged to retrieve our release key physically when meeting a trusted [[People|Replicant developer]] and sign it with your own key.