| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 1 | Fingerprints for Signing Releases |
| 2 | |
| 3 | OpenSSL releases are signed with PGP/GnuPG keys. This file contains |
| 4 | the fingerprints of team members who are "authorized" to sign the |
| 5 | next release. |
| 6 | |
| 7 | The signature is a detached cleartxt signature, with the same name |
| 8 | as the release but with ".asc" appended. For example, release |
| 9 | 1.0.1h can be found in openssl-1.0.1h.tar.gz with the signature |
| 10 | in the file named openssl-1.0.1h.tar.gz.asc. |
| 11 | |
| 12 | The following is the list of fingerprints for the keys that are |
| 13 | currently in use to sign OpenSSL distributions: |
| 14 | |
| lh | 758261d | 2023-07-13 05:52:04 -0700 | [diff] [blame^] | 15 | pub rsa4096 2014-10-04 |
| 16 | Key fingerprint = EFC0 A467 D613 CB83 C7ED 6D30 D894 E2CE 8B3D 79F5 |
| 17 | uid OpenSSL OMC <openssl-omc@openssl.org> |
| 18 | uid OpenSSL Security <openssl-security@openssl.org> |
| 19 | |
| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 20 | pub 4096R/7DF9EE8C 2014-10-04 |
| 21 | Key fingerprint = 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C |
| 22 | uid Richard Levitte <richard@opensslfoundation.com> |
| 23 | uid Richard Levitte <levitte@openssl.org> |
| 24 | uid Richard Levitte <richard@openssl.com> |
| 25 | |
| 26 | pub 2048R/0E604491 2013-04-30 |
| 27 | Key fingerprint = 8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491 |
| 28 | uid Matt Caswell <matt@openssl.org> |
| 29 | uid Matt Caswell <frodo@baggins.org> |
| 30 | |
| 31 | pub rsa4096 2021-02-14 |
| 32 | B7C1 C143 60F3 53A3 6862 E4D5 231C 84CD DCC6 9C45 |
| 33 | uid Paul Dale <pauli@openssl.org> |
| 34 | |
| 35 | pub rsa4096 2021-07-16 |
| 36 | A21F AB74 B008 8AA3 6115 2586 B8EF 1A6B A9DA 2D5C |
| 37 | uid Tomáš Mráz <tm@t8m.info> |
| 38 | uid Tomáš Mráz <tomas@arleto.cz> |
| 39 | uid Tomáš Mráz <tomas@openssl.org> |