Discussion:
US-CERT -- Expiring Keys
(too old to reply)
David E. Ross
2009-09-18 17:23:59 UTC
Permalink
Twice recently, I notified US-CERT (an agency of the U.S. Department of
Homeland Security) that some of its PGP keys expire the end of this
month. One key is used to communicate computer vulnerabilities to
US-CERT; another key is used to authenticate notices sent by US-CERT
about such vulnerabilities. I have received no response to my messages,
and no new keys are available.

See "A Case Study" in my
<http://www.rossde.com/PGP/key_mgmnt.html#replace> for the mess created
last year when US-CERT keys expired.
--
David E. Ross
<http://www.rossde.com/>.

Don't ask "Why is there road rage?" Instead, ask
"Why NOT Road Rage?" or "Why Is There No Such
Thing as Fast Enough?"
<http://www.rossde.com/roadrage.html>
David W. Hodgins
2009-09-18 18:21:34 UTC
Permalink
Post by David E. Ross
and no new keys are available.
See http://www.cert.org/contact_cert/encryptmail.html
Expires: 2010-10-01

Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
David E. Ross
2009-09-18 23:40:02 UTC
Permalink
Post by David W. Hodgins
Post by David E. Ross
and no new keys are available.
See http://www.cert.org/contact_cert/encryptmail.html
Expires: 2010-10-01
Regards, Dave Hodgins
CERT at Carnegie Mellon University is not the same as US-CERT at the
Department of Homeland Security. Your link is to the former. My
concern is about the latter.
--
David E. Ross
<http://www.rossde.com/>.

Don't ask "Why is there road rage?" Instead, ask
"Why NOT Road Rage?" or "Why Is There No Such
Thing as Fast Enough?"
<http://www.rossde.com/roadrage.html>
David W. Hodgins
2009-09-18 23:45:05 UTC
Permalink
Post by David E. Ross
CERT at Carnegie Mellon University is not the same as US-CERT at the
Department of Homeland Security. Your link is to the former. My
concern is about the latter.
My mistake. Thanks for working to keep things running properly.

Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
David E. Ross
2009-09-18 23:41:21 UTC
Permalink
Post by David E. Ross
Twice recently, I notified US-CERT (an agency of the U.S. Department of
Homeland Security) that some of its PGP keys expire the end of this
month. One key is used to communicate computer vulnerabilities to
US-CERT; another key is used to authenticate notices sent by US-CERT
about such vulnerabilities. I have received no response to my messages,
and no new keys are available.
See "A Case Study" in my
<http://www.rossde.com/PGP/key_mgmnt.html#replace> for the mess created
last year when US-CERT keys expired.
I sent an E-mail to the first person who signed the expiring keys. He
replied that they are aware of the pending expirations and plan to deal
with them. I just hope they deal with them better than they did last
year.
--
David E. Ross
<http://www.rossde.com/>.

Don't ask "Why is there road rage?" Instead, ask
"Why NOT Road Rage?" or "Why Is There No Such
Thing as Fast Enough?"
<http://www.rossde.com/roadrage.html>
Loading...