List the Yoga cycle signing key as current
This sets the end date for the Xena key, adds the Yoga key starting today and links to an export of the corresponding public key. It also drops references to the now defunct SKS keyserver network and our old rotation process which was tied to it. Instead the key has been created following the new process described by change I7008706aae06b6e4a16db2dd85a8c7f91530cd50. Depends-On: https://review.opendev.org/815548 Change-Id: I53f11a249b5e09c84d65644ee609553a9b6e6353
This commit is contained in:
Jeremy Stanley
@@ -94,71 +94,58 @@ Cryptographic Signatures
|
||||
|
||||
Git tags created through our release automation are signed by
|
||||
`centrally-managed OpenPGP keys`_ maintained by the `OpenStack
|
||||
Infrastructure team`_. Detached signatures of many separate release
|
||||
TaCT SIG`_. Detached signatures of many separate release
|
||||
artifacts are also provided using the same keys. A new key is
|
||||
created corresponding to each development cycle and rotated
|
||||
relatively early in the cycle. (Implementation completed late in the
|
||||
Newton cycle, so many early Newton artifacts have no corresponding
|
||||
signatures.)
|
||||
|
||||
OpenStack Infrastructure root sysadmins and Release Managers publish
|
||||
their own signatures of these keys into the global keyserver
|
||||
network. Copies of the public keys can be found below along with the
|
||||
date ranges during which each key was in general use.
|
||||
signatures.) Copies of the public keys can be found below along with
|
||||
the date ranges during which each key was in general use.
|
||||
|
||||
* 2016-08-03..2016-11-22 (Newton Cycle key):
|
||||
`key 0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28`_ (details__)
|
||||
`key 0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28`_
|
||||
* 2016-11-22..2017-03-24 (Ocata Cycle key):
|
||||
`key 0xd47bab1b7dc2e262a4f6171e8b1b03fd54e2ac07`_ (details__)
|
||||
`key 0xd47bab1b7dc2e262a4f6171e8b1b03fd54e2ac07`_
|
||||
* 2017-03-24..2017-09-15 (Pike Cycle key):
|
||||
`key 0xc96bfb160752606daa0de2fa05eb5792c876df9a`_ (details__)
|
||||
`key 0xc96bfb160752606daa0de2fa05eb5792c876df9a`_
|
||||
* 2017-09-15..2018-03-19 (Queens Cycle key):
|
||||
`key 0x4c8b8b5a694f612544b3b4bac52f01a3fbdb9949`_ (details__)
|
||||
`key 0x4c8b8b5a694f612544b3b4bac52f01a3fbdb9949`_
|
||||
* 2018-03-19..2018-09-05 (Rocky Cycle key):
|
||||
`key 0xc31292066be772022438222c184fd3e1edf21a78`_ (details__)
|
||||
`key 0xc31292066be772022438222c184fd3e1edf21a78`_
|
||||
* 2018-09-05..2019-06-11 (Stein Cycle key):
|
||||
`key 0x27023b1ffccd8e3ae9a5ce95d943d5d270273ada`_ (details__)
|
||||
`key 0x27023b1ffccd8e3ae9a5ce95d943d5d270273ada`_
|
||||
* 2019-06-11..2019-10-29 (Train Cycle key):
|
||||
`key 0xcdc08088c3cb45a9be08332b2354069e5b504663`_ (details__)
|
||||
`key 0xcdc08088c3cb45a9be08332b2354069e5b504663`_
|
||||
* 2019-10-29..2020-05-21 (Ussuri Cycle key):
|
||||
`key 0xbba3b1e67a7303dd1769d34595bf2e4d09004514`_ (details__)
|
||||
`key 0xbba3b1e67a7303dd1769d34595bf2e4d09004514`_
|
||||
* 2020-05-21..2020-10-30 (Victoria Cycle key):
|
||||
`key 0x2426b928085a020d8a90d0d879ab7008d0896c8a`_ (details__)
|
||||
`key 0x2426b928085a020d8a90d0d879ab7008d0896c8a`_
|
||||
* 2020-10-30..2021-05-06 (Wallaby Cycle key):
|
||||
`key 0x5d2d1e4fb8d38e6af76c50d53d4fec30cf5ce3da`_ (details__)
|
||||
* 2021-05-06..present (Xena Cycle key):
|
||||
`key 0x4c29ff0e437f3351fd82bdf47c5a3bc787dc7035`_ (details__)
|
||||
`key 0x5d2d1e4fb8d38e6af76c50d53d4fec30cf5ce3da`_
|
||||
* 2021-05-06..2021-10-27 (Xena Cycle key):
|
||||
`key 0x4c29ff0e437f3351fd82bdf47c5a3bc787dc7035`_
|
||||
* 2021-10-27..present (Yoga Cycle key):
|
||||
`key 0x01527a34f0d0080f8a5db8d6eb6c5df21b4b6363`_
|
||||
|
||||
.. Static key files are generated with the following command:
|
||||
( gpg2 --fingerprint 0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28
|
||||
gpg2 --armor --export-options export-clean,export-minimal \
|
||||
--export 0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28 ) > \
|
||||
( gpg2 --fingerprint 0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28 ; gpg2 \
|
||||
--armor --export 0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28 ) > \
|
||||
doc/source/static/0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28.txt
|
||||
.. _`key 0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28`: _static/0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x80fcce3dc49bd7836fc2464664dbb05acc5e7c28&fingerprint=on
|
||||
.. _`key 0xd47bab1b7dc2e262a4f6171e8b1b03fd54e2ac07`: _static/0xd47bab1b7dc2e262a4f6171e8b1b03fd54e2ac07.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0xd47bab1b7dc2e262a4f6171e8b1b03fd54e2ac07&fingerprint=on
|
||||
.. _`key 0xc96bfb160752606daa0de2fa05eb5792c876df9a`: _static/0xc96bfb160752606daa0de2fa05eb5792c876df9a.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0xc96bfb160752606daa0de2fa05eb5792c876df9a&fingerprint=on
|
||||
.. _`key 0x4c8b8b5a694f612544b3b4bac52f01a3fbdb9949`: _static/0x4c8b8b5a694f612544b3b4bac52f01a3fbdb9949.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x4c8b8b5a694f612544b3b4bac52f01a3fbdb9949&fingerprint=on
|
||||
.. _`key 0xc31292066be772022438222c184fd3e1edf21a78`: _static/0xc31292066be772022438222c184fd3e1edf21a78.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0xc31292066be772022438222c184fd3e1edf21a78&fingerprint=on
|
||||
.. _`key 0x27023b1ffccd8e3ae9a5ce95d943d5d270273ada`: _static/0x27023b1ffccd8e3ae9a5ce95d943d5d270273ada.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x27023b1ffccd8e3ae9a5ce95d943d5d270273ada&fingerprint=on
|
||||
.. _`key 0xcdc08088c3cb45a9be08332b2354069e5b504663`: _static/0xcdc08088c3cb45a9be08332b2354069e5b504663.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0xcdc08088c3cb45a9be08332b2354069e5b504663&fingerprint=on
|
||||
.. _`key 0xbba3b1e67a7303dd1769d34595bf2e4d09004514`: _static/0xbba3b1e67a7303dd1769d34595bf2e4d09004514.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0xbba3b1e67a7303dd1769d34595bf2e4d09004514&fingerprint=on
|
||||
.. _`key 0x2426b928085a020d8a90d0d879ab7008d0896c8a`: _static/0x2426b928085a020d8a90d0d879ab7008d0896c8a.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x2426b928085a020d8a90d0d879ab7008d0896c8a&fingerprint=on
|
||||
.. _`key 0x5d2d1e4fb8d38e6af76c50d53d4fec30cf5ce3da`: _static/0x5d2d1e4fb8d38e6af76c50d53d4fec30cf5ce3da.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x5d2d1e4fb8d38e6af76c50d53d4fec30cf5ce3da&fingerprint=on
|
||||
.. _`key 0x4c29ff0e437f3351fd82bdf47c5a3bc787dc7035`: _static/0x4c29ff0e437f3351fd82bdf47c5a3bc787dc7035.txt
|
||||
.. __: http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x4c29ff0e437f3351fd82bdf47c5a3bc787dc7035&fingerprint=on
|
||||
.. _`key 0x01527a34f0d0080f8a5db8d6eb6c5df21b4b6363`: _static/0x01527a34f0d0080f8a5db8d6eb6c5df21b4b6363.txt
|
||||
|
||||
.. _`centrally-managed OpenPGP keys`: https://docs.openstack.org/infra/system-config/signing.html
|
||||
.. _`OpenStack Infrastructure team`: https://governance.openstack.org/tc/reference/projects/infrastructure.html
|
||||
.. _`OpenStack TaCT SIG`: https://governance.openstack.org/sigs/tact-sig.html
|
||||
|
||||
Documentation
|
||||
=============
|
||||
|
||||
Reference in New Issue
Block a user