On Sunday, January 14, 2024 at 8:51:09 PM UTC-5 vince wrote: Matthew - the issue now on f39 is 'your' old key from keys.html. Tom's updated key imports ok.
short version: we need to use 4096 bits and SHA256 for the record (and the benefit of future me), the latest fedora rejects tom's original key because it is SHA1, but it rejects my original key because it is a 1024-bit asymmetric that was created in 2014. this will probably be an issue on suse, since we sign the rpms for both redhat and suse. it is easier to fix for debian, since we sign the repository index for apt, not individual .deb files. we'll re-sign everything (again). for those of you who need to update signatures and things you have signed, redhat has some details: https://www.redhat.com/en/blog/updating-gpg-keys-for-fedora-and-rhel and this NIST 2019 publication explains why it is necessary: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/weewx-user/44b924aa-6992-47ca-bff2-02ff198b3f9an%40googlegroups.com.