xref: /freebsd/crypto/openssl/doc/fingerprints.txt (revision 18054d0220cfc8df9c9568c437bd6fbb59d53c3c)
1Fingerprints for Signing Releases
2
3OpenSSL releases are signed with PGP/GnuPG keys.  This file contains
4the fingerprints of team members who are "authorized" to sign the
5next release.
6
7The signature is a detached cleartxt signature, with the same name
8as the release but with ".asc" appended.  For example, release
91.0.1h can be found in openssl-1.0.1h.tar.gz with the signature
10in the file named openssl-1.0.1h.tar.gz.asc.
11
12The following is the list of fingerprints for the keys that are
13currently in use to sign OpenSSL distributions:
14
15pub   4096R/7DF9EE8C 2014-10-04
16      Key fingerprint = 7953 AC1F BC3D C8B3 B292  393E D5E9 E43F 7DF9 EE8C
17uid                  Richard Levitte <richard@opensslfoundation.com>
18uid                  Richard Levitte <levitte@openssl.org>
19uid                  Richard Levitte <richard@openssl.com>
20
21pub   2048R/0E604491 2013-04-30
22      Key fingerprint = 8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491
23uid                  Matt Caswell <matt@openssl.org>
24uid                  Matt Caswell <frodo@baggins.org>
25
26pub   rsa4096 2021-02-14
27      B7C1 C143 60F3 53A3 6862  E4D5 231C 84CD DCC6 9C45
28uid                  Paul Dale <pauli@openssl.org>
29
30pub   rsa4096 2021-07-16
31      A21F AB74 B008 8AA3 6115  2586 B8EF 1A6B A9DA 2D5C
32uid                  Tomáš Mráz <tm@t8m.info>
33uid                  Tomáš Mráz <tomas@arleto.cz>
34uid                  Tomáš Mráz <tomas@openssl.org>
35