* Axel Beckert [Tue Nov 18, 2014 at 10:28:03PM +0100]:
On Tue, Nov 18, 2014 at 10:18:39PM +0100, Christoph Biedl wrote:
Some feedback: Since I'm just slightly paranoid and as suggested at http://grml.org/download/, I verified the downloaded grml image to find the signing key has changed:
$ gpgv grml96-full_2014.11.iso.sha1.asc gpgv: Signature made Sat Nov 15 11:28:24 2014 CET using RSA key ID B7EA3737
[...]
$ gpgv grml96-full_2014.03.iso.sha1.asc gpgv: Signature made Sun Mar 30 15:33:34 2014 CEST using DSA key ID 37E272E8
Looking at ...
→ gpg --list-keys 37E272E8 B7EA3737 gpg: please do a --check-trustdb
[...]
pub 4096R/B7EA3737 2010-07-14 [expires: 2020-10-06]
[...]
... I suspect that this has made Mika to change his default signing key:
https://lists.debian.org/debian-devel-announce/2014/11/msg00004.html
Yes, I can confirm that I switched my 1024bit key with a "new" 4096bit key. The "Signing Key" on http://grml.org/download/ links to http://grml.org/download/gnupg-michael-prokop.txt and http://debian.netcologne.de/grml/gnupg-michael-prokop.txt which reflect that change. Sorry that I missed to announce this key change in advanced.
I'm signing this mail with my *old* key, jftr. :)
regards, -mika-