On 01/19/2017 08:11 PM, grarpamp wrote:
https://news.ycombinator.com/item?id=13007234
Not as if anything should be thought untouchable.
I saw something on a twitter feed related to them that said they
would be updating it and not to worry and this info is old.
Have you checked?
Check test 1 2...
gpg --verify canary-statement-signed.txt
gpg: Signature made Mon 15 Aug 2016 10:01:19 PM PDT using RSA key ID
139A768E
gpg: Good signature from "Riseup Networks
<collective@riseup.net>"
gpg: aka "Riseup Treasurer
<treasurer@riseup.net>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to
the owner.
Primary key fingerprint: 4E07 9126 8F7C 67EA BE88 F1B0 3043 E2B7
139A 768E
The canary hasn't been updated but the gpg output still shows a good
sig (assuming)
They could still kill the canary be revoking the key, and they
haven't done that.
See: https://riseup.net/en/canary
Rr