Red Hat Security Blog: January 2007 archives

  • New Red Hat Signing Keys

    We're changing the package signing key we use for all new Red Hat products. Since 1999, all RPM packages in Red Hat products have been gpg signed by the master key "Red Hat, Inc <security@redhat.com>" (keyid DB42A60E). I'll call this the legacy signing key for the rest of this article. This signature is one of two security mechanisms we use to ensure that customers can trust the installation of packages and their updates. The other is that the update client, up2date, checks the SSL...
    Posted 2007-01-30T00:00:00+00:00 - 0