Hi, The Replicant 6.0 releases (0001 to 0003) were signed with keys you generated during the builds.
We have several important issues that are fixed in the upcoming Replicant 6 release (like SIM not detected, several freedom and/or privacy issues, etc). Since the issue are important, it might be a good idea not to require every existing user to wipe their data to upgrade to the new release. I've worked on a script to generate a key migration script to migrate from your keys to new ones but the resulting script is too fragile. Some user(s) still had to wipe their data with the test images (RC) long after installing them, and I also had a data corruption with one of the test image where the script was involved as well. Do you still have a copy of the vendor/replicant-security that was used for the previous Replicant 6 releases? Would it be possible for you to send them to me in a secure way (strongly encrypted with GPG at least)? Denis.
pgpWNK1AwWRD4.pgp
Description: OpenPGP digital signature
_______________________________________________ Replicant mailing list Replicant@osuosl.org https://lists.osuosl.org/mailman/listinfo/replicant