-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all
I recently noticed a GPG key on the public key servers supposedly for my name and email address that I did not create or control (key id 9708D9A2). As I sometimes sign OpenSSL releases I thought it was worth reminding everyone that the only keys that should be trusted when verifying an OpenSSL release are those linked to from the website: https://www.openssl.org/about/ Matt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJUWKq1AAoJENnE0m0OYESR+yUH/irTjzn6PUooKHL760y/UTgB 65/R16Ap2n6LfmBGg3acBjaTodZRMSzHM5nkL8ya3fxI89KYP7/F5fQDqfwpjQHx K7s4EImchoRirYmfhKrQzNYfo42gq76EDCIsOvtRAtcvU3ojC5gxTPj+1F61Azdb e4AQCgG1BvfYNslED4IAAtv9qAZB9sPHUpj1ZIMEyh+mquHkYFzNYGDL1dIwlOx2 dZZ9ddWBHdsHyPqKcFsvAbn43C+DGxYm/ZJXE4NP/yQe6UMAPFXCZcTuyNgIgmw0 kzoNbPvlg9t/CrhzDnHhy3umUysKjTWBFVRLuU68a0uJb2VSqZqM8k6TuQPs/E8= =x8a5 -----END PGP SIGNATURE----- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org