summaryrefslogtreecommitdiffstats
path: root/doc/fingerprints.txt
blob: 1863224df37ae6cbd0671226c3066f6edc752597 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
Fingerprints for Signing Releases

OpenSSL releases are signed with PGP/GnuPG keys.  This file contains
the fingerprints of team members who are "authorized" to sign the
next release.

The signature is a detached cleartxt signature, with the same name
as the release but with ".asc" appended.  For example, release
1.0.1h can be found in openssl-1.0.1h.tar.gz with the signature
in the file named openssl-1.0.1h.tar.gz.asc.

The following is the list of fingerprints for the keys that are
currently in use to sign OpenSSL distributions:

pub   4096R/7DF9EE8C 2014-10-04
      Key fingerprint = 7953 AC1F BC3D C8B3 B292  393E D5E9 E43F 7DF9 EE8C
uid                  Richard Levitte <richard@opensslfoundation.com>
uid                  Richard Levitte <levitte@openssl.org>
uid                  Richard Levitte <richard@openssl.com>

pub   4096R/FA40E9E2 2005-03-19
      Key fingerprint = 6260 5AA4 334A F9F0 DDE5  D349 D357 7507 FA40 E9E2
uid                  Dr Stephen N Henson <steve@openssl.org>

pub   2048R/0E604491 2013-04-30            
      Key fingerprint = 8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491
uid                  Matt Caswell <frodo@baggins.org>