#archlinux32 | Logs for 2025-01-20

Back
[02:40:49] -!- GNUtoo has quit [Ping timeout: 248 seconds]
[02:42:35] -!- GNUtoo has joined #archlinux32
[04:13:37] -!- ssserpent has joined #archlinux32
[10:04:24] -!- drathir_tor has quit [Ping timeout: 264 seconds]
[10:09:32] -!- drathir_tor has joined #archlinux32
[15:48:19] -!- tippfehlr has quit [Quit: The Lounge - https://thelounge.chat]
[15:48:35] -!- tippfehlr has joined #archlinux32
[16:53:47] <girls> Cthuutloops: I just uploaded a recent keyring package, you find it on https://mirror.archlinux32.org
[16:54:02] <girls> the checksum is d7ed4d8292b9eb2b8f7d0ec7d86a35a76d7160e5dc0034a6a06a82037b98c4ce1328b5df2f4576a83ebb437f80f1f1c5bd89d7bf47b806d8492bcb0669685a16
[16:55:00] <girls> but it also has a valid signature file https://mirror.archlinux32.org from my gpg key 415B6145B389C8A74C9FC4B22C146C01A952AC0F
[16:55:23] <girls> but the second-to-last keyring should actually also still work :/
[16:57:08] <girls> our keys are quite short lived (1 year) and we update ~6months before they expire (or is it 3 months?). So yeah, that's the expectation: update at least every 3 months (if we do the refresh on our side soon enough after the scheduled expiration warning :D )
[16:57:34] <girls> ... or be willing to manually pull the key from our servers every once in a while
[17:15:45] <KitsuWhooa> > and we update ~6months before they expire
[17:15:58] <KitsuWhooa> wasn't I screeching to get a new package out and it came out like a month before it expired? :p
[18:25:27] mavicaway is now known as mavica
[18:59:51] mavica is now known as mavicaway
[19:41:33] -!- ssserpent has quit [Quit: WeeChat 4.5.1]
[19:43:21] -!- ssserpent has joined #archlinux32
[19:57:48] <KillerWasp> girls: he go out.
[20:00:00] <KillerWasp> You can always make it expire in 10 years and then force expire it in case it is compromised.
[20:03:54] <KillerWasp> Or you can skip its expiration date. It really has no use. If you want to expire a certificate you can always program a more elaborate system of dates for expiration.
[21:03:14] -!- ssserpent has quit [Quit: WeeChat 4.5.1]
[21:56:21] -!- Cthuutloops has joined #archlinux32
[22:16:08] -!- titus_livius has joined #archlinux32
[22:17:47] -!- girls has quit [Quit: ZNC 1.9.1 - https://znc.in]
[22:19:14] -!- girls has joined #archlinux32
[23:05:36] <Cthuutloops> sorry i missed your message but am reading them on the logs
[23:13:33] <Cthuutloops> i think i pulled a key from your servers is that not what the wget command from fs#365 is doing? or is it an old signature in that answer?
[23:15:47] <Cthuutloops> im mostly confused about what im lookin for when i gpg --verify what does the signature checking out look like?