2 comments

[ 4.4 ms ] story [ 19.3 ms ] thread
On Aug. 24, the GPG private key and passphrase with the ID of 0E22EB88E39E12277A7760AE9E439B102CF3C0C6 was unintentionally shared. As a best practice, we have revoked the exposed certificate on our full GPG public keychain and issued a new public key.
This has been surprisingly quiet. I’d like to know more about the scope of the leak, was it just to a log file? An OSS repo?