Re: [GIT PULL] integrity subsystem updates for v5.17
From: Mimi Zohar
Date: Tue Jan 11 2022 - 17:55:02 EST
On Tue, 2022-01-11 at 13:21 -0800, Linus Torvalds wrote:
> On Mon, Jan 10, 2022 at 2:02 PM Mimi Zohar <zohar@xxxxxxxxxxxxx> wrote:
> >
> > git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git tags/integrity-v5.17
>
> Side note: I can't find the key you're using for the tag signing anywhere.
>
> This isn't new, and I've seen this key before, and I suspect it's just
> another new key update that the complete breakdown of all the pgp
> keyservers makes hard to get out.
>
> You used to use RSA key 8D2302082EFE723A379ECCD26B792466B03E715A,
> which I have, the last few pulls you've been using EDDSA key
> 1D5D554518DE57A8AAF51E3ECBC19CD1B02AE7E5 that I can't actually find.
Yes, I received the Nitrokey Start and followed the maintainer-pgp-
guide (and Nitrokey) directions at the time. It was hard finding a
working gpg server, but I finally found one, at least I thought I found
one.
>
> It also isn't in the kernel.org pgpkeys repo.
>
> You could try submitting it there:
>
> https://korg.docs.kernel.org/pgpkeys.html#submitting-keys-to-the-keyring
>
> Oh, how I hate pgp. I thought that having git wrap all the key
> verification would make it usable (counter-example: the incredible
> garbage that is pgp signed email), but then the keyservers stopped
> working, and so the keys themselves end up being a problem.
Submitted.
Mimi