Old public keys revoked; new keys generated

By Greg Turnquist

Greg is a member of the Spring team, an author of several books on Spring Boot, conference speaker, and the lead for Spring Data JPA.

April 10, 2014

heartbleedRight now, I’ve added a widget to the right with some key links. Due to the heartbleed bug that has compromised an estimated 500,000 servers, most secrets are considered unsafe. Hence, I have revoked all past gpg keys and generated a new one.

I would sign the new key with the old one to maintain my trust linkage with the others, but that isn’t safe. Basically, I have to rebuild from scratch. I joined the strong set web of trust years ago. Now I need to email some of the people I knew that were in it, and see if we can sign the new keys.

If you have a public-private key pair, I suggest you do the same.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *