Re: [bitcoin-core-dev] Revoking "Bitcoin Core binary release signing key"

W. J. van der Laan via bitcoin-core-dev Sat, 11 Feb 2023 05:21:29 -0800


-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: This is a revocation certificate


iQLoBCABCgDSFiEEAepUht4YqILUwmhFkMgBnjbC6WQFAmPnkfe0HQNUaGlzIGtl
eSB3YXMgdXNlZCB0byBzaWduIEJpdGNvaW4gQ29yZSByZWxlYXNlcyAwLjIxIGFu
ZCBiZWZvcmUuIFRoZSBsYXN0IHN1Y2ggcmVsZWFzZXMgd2VyZSAwLjIwLjIgYW5k
IDAuMjEuMiByZXNwZWN0aXZlbHkgaW4gMjAyMS4gRG8gbm90IHRydXN0IHRoZSBr
ZXkgZm9yIHJlbGVhc2VzIGFmdGVyIDIwMjIuAAoJEJDIAZ42wulkujkP/28igLT2
m90zhX53xDAVeE2P+WyORyf/eR+Sez7SMqpofuABvZRxuF2UHaRKTzoJUuzopNdE
RO1W2KGXb1DIbDCm+lpyRMXMIZ7dLy7BbwDfFwhTEplyKq7UeXH51FibFynfwX3y
Uiwi5hMXhv5EpTTjbyYUuo/tqm5EAXZuvx4vNcX9Kdhy7UP1SKvpvE1Ex5DNcctW
0nzex5xecba13JAFX6y5YQUvKPil6cVtj434ba3GP6oN4GgI3rqSYM9m/YFQuRik
W11ZLoSdoIfw33609qh71T8s7SmW7h57kaa3y7p2u6XbPcbinDT4uuamfG+Q9YRc
AlPYEBSCWej/fW7BExB2+U4VWzbNQEJnu9Upz86gCzQ91d4wzzSxiQQj8RlqXTsD
aOI0VoXrVF9eG9kL/qJD7+ne3V8fFb3YsBMA8ZeQDu6ImHipThUqzkcAhrZsZZaH
LJKXN1Lyvia7ZVJebAJ0uMy4HvkmWTVgnPmuY2jXVjyL+5oBENPcqXSMFNJQ+cgC
feVc1yKDBSWZVd4GvhZ3lVdb21/bltJ1jqHPQVg55zi5JKB9BFdu6NunS9SXoNDR
xFfbb+ezL2+Fm3FBlpv46I/g49kS3ySbNdKifcG3aC41D3vKTInU7w1BBagOcXQV
jM4AzbOhveMklNyc8VcB30XiqO3vGWGWcC7e
=jIFT
-----END PGP PUBLIC KEY BLOCK-----

$ gpg --list-packets --verbose < revoke-laanwj-releases.asc 
gpg: armor header: Comment: This is a revocation certificate
# off=0 ctb=89 tag=2 hlen=3 plen=744
:signature packet: algo 1, keyid 90C8019E36C2E964
        version 4, created 1676120567, md5len 0, sigclass 0x20
        digest algo 10, begin of digest ba 39
        hashed subpkt 33 len 21 (issuer fpr v4 
01EA5486DE18A882D4C2684590C8019E36C2E964)
        hashed subpkt 2 len 4 (sig created 2023-02-11)
        hashed subpkt 29 len 179 (revocation reason 0x03 (This key was used to 
sign Bitcoin Core releases 0.21 and before. The last such releases were 0.20.2 
and 0.21.2 respectively in 2021. Do not trust the key for releases after 2022.)




------- Original Message -------
On Thursday, February 9th, 2023 at 2:59 PM, W. J. van der Laan 
<laa...@protonmail.com> wrote:


> 
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> Hello,
> 
> Just a heads-up that I'm revoking the "Bitcoin Core binary release signing 
> key" PGP key (fingerprint 01EA5486DE18A882D4C2684590C8019E36C2E964).
> 
> It was the sole key used to sign the binary distributions of 0.21.x and 
> before. Releases 22.0 and later are signed by every builder, and are not 
> affected.
> 
> To be clear: the key was not compromised. However, I cannot warrant its 
> safety. It is a single point of failure, after all.
> 
> Please remove it from verification pipelines.
> 
> See also https://github.com/bitcoin-core/bitcoincore.org/pull/951
> 
> W.
> -----BEGIN PGP SIGNATURE-----
> 
> iQEzBAEBCgAdFiEEnerg3HBjJJ+wVHRoHkrtYphs0l0FAmPk/AoACgkQHkrtYphs
> 0l3svwf+Nc1w2fCO7dI80E5WmiuKDrOCP2V91FzuwTBnjCZUPmvg1dWPw4f76ray
> Cra2LqUIvW2fSfjq4fR+ca/KdfhEoGvZ17drHray1x21kmXRQ5V5I+c4RSVHelgG
> 6iLXykbpJR68rdudVjVQswQG5u+/eSg7x4qe0V3ED3gdCzNoNcYEFoF0wuz5bnbo
> E0hco6piCdEkwf6/6/NWWqpKsYigvuwacwl1hCqAj9Y5vMzPhAvmVj90lT8jqhFf
> 610eXJqeg021sK7JhcYW9yG0lMHNQ/sz16A/NzkneGGKVU5AvQAPRnKVXR3dqWxS
> o7Uqe2A/rXRgWAE1UG3qEswyHGg1Gw==
> =0bDa
> -----END PGP SIGNATURE-----
_______________________________________________
bitcoin-core-dev mailing list
bitcoin-core-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-core-dev

Re: [bitcoin-core-dev] Revoking "Bitcoin Core binary release signing key"

Reply via email to