[dns-operations] IANA root PGP key gone from servers?
Doug Barton
dougb at dougbarton.us
Fri Mar 23 00:21:37 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 3/22/2012 9:51 AM, Chris Adams wrote:
> It appears that the PGP key used to sign the data at
> https://data.iana.org/root-anchors is no longer on a public key server
> (at least the common ones I checked). I had a DNSSEC setup script that
> checked the PGP signature as an additional security check and now it
> fails.
Note, this is a completely unofficial reply, as all this stuff was set
up long after my time ...
You can find the key on ICANN's web site at:
https://data.iana.org/root-anchors/. They key looks like this:
pub 1024D/0F6C91D2 2007-12-01
Key fingerprint = 2FBB 91BC AAEE 0ABE 1F80 31C7 D1AF BCE0 0F6C 91D2
uid DNSSEC Manager <dnssec at iana.org>
sub 2048g/1975679E 2007-12-01
I just checked and it's available at hkp://pool.sks-keyservers.net at
least. Also FYI, PGP keyservers are write-once, they never delete keys,
signatures, or anything else.
hth,
Doug
- --
If you're never wrong, you're not trying hard enough
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
iQEcBAEBCAAGBQJPa8IPAAoJEFzGhvEaGryE9+EH/iscXUK/0qYVSsG8Ko0Ch2/a
PB2J65NBNyUZNuTnkaehOLu4MMauVC6K1Sy6kuiFa0ZN19mADErzxXj7pCCMo7/V
ugQSloDJXSdy7DkSnHLIxR7g2N+FPPtbgsBy49VmuYR4jngc6k6alXwuKpYKcWGA
PnInbsD7D5dxNReOguqGBX+0Ch8ERjF8Z6p+QRRUkbhQzs7xIvSJNAzoLHNuGUR9
BC6jhvZs5r0VePrbsopP4rKdY0oC3UbUHQyLqQIqJheNSeDdd+202pFdo7byDC4+
LOzoaRz4vuNad072n2ZdB+HuHzA3Y4D4pJuz0JsqFVbhPFqwKiWA48S2A9tFAZg=
=jw70
-----END PGP SIGNATURE-----
More information about the dns-operations
mailing list