Hi Philipp, On Thu, Mar 20, 2008 at 05:12:11PM +0100, Philipp Kern wrote: > On Fri, Jul 08, 2005 at 09:59:58AM +0200, Teun Nijssen wrote: > > I am Teun Nijssen, Security Advisor at Tilburg University, but also > > responsible for the SURFnet GPG Keyserver at pgp.surfnet.nl as well > > as for operating the SURFnet-PKI. My GPG key has been signed by > > Phil Zimmermann (PGP) as well as Werner Koch (GPG). > > > > I wholeheartedly support the Debian efforts of Joos van Baal in > > general as well as specifically the inclusion of the > > SURFnet-PCA-Root-CA in the Debian distributions. > > your signature is the only one still valid and doesn't provide me > with a trust path (i.e. it does not list the SHA1 and MD5 checksums > of the certificate). > > Joost's signature is invalid: > gpg: Signature made Tue 14 Sep 2004 17:12:34 CEST using DSA key ID 88C6EDF6 > gpg: please do a --check-trustdb > gpg: Good signature from "Joost van Baal <[EMAIL PROTECTED]>" > gpg: aka "Joost van Baal <[EMAIL PROTECTED]>" > gpg: WARNING: This key has been revoked by its owner! > gpg: This could mean that the signature is forged. > gpg: reason for revocation: Key is superseded > gpg: revocation comment: Superseded by B8FA C2E2 5047 5B8C E940 A919 5793 > 0DAB 0B86 B06 (Joost E. van Baal (Nederland, 1970)) > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the owner. > Primary key fingerprint: 7177 F40B 051B 5793 8A0B E219 5F76 E17A 88C6 EDF6 > > As is Wessel's (which actually provides the checksums): > gpg: Signature made Thu 07 Jul 2005 17:32:43 CEST using DSA key ID 22047F26 > gpg: please do a --check-trustdb > gpg: Good signature from "Wessel Dankers <[EMAIL PROTECTED]>" > gpg: aka "Wessel Dankers <[EMAIL PROTECTED]>" > gpg: aka "Wessel Dankers <[EMAIL PROTECTED]>" > gpg: aka "Wessel Dankers (developer) <[EMAIL PROTECTED]>" > gpg: Note: This key has expired! > Primary key fingerprint: 458E 3F32 7F08 DBFE D930 EB70 C122 0C95 2204 7F26 > > Please provide me with two signatures (out of the strong set) and I will > take care of your request.
Thanks for getting back on this request. Unfortunately, it's no longer useful to act upon it: SURFnet is ditching it's root certificate: it's currently being phased out. Anyway, this message is signed with a non-expired PGP signature. Checksums of SURFnet-PCA-Root-CA.crt are: MD5 a7991edddc490620c726be799071fe50 SHA1 fe6c780cec3412f2c904184144c824ce6abcec6e Bye, Joost -- Joost van Baal http://abramowitz.uvt.nl/ Tilburg University mailto:joostvb.uvt.nl The Netherlands
signature.asc
Description: Digital signature
