Operating System:

Published:

18 May 2020

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                              ASB-2020.0103.5
                       AusCERT PGP Public Key Update
                                18 May 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              AusCERT PGP Public Key
Resolution:           Patch/Upgrade
Member content until: Sunday, June 14 2020

Revision History:     May 18 2020: Resend PGP Key Update Notification
                      May 15 2020: Initial Release

OVERVIEW

        AusCERT has generated a new PGP/GPG Key to use for signing and receiving 
        encrypted data.
        
        This key will come into effect as of: 15 May 2020


IMPACT

        PGP and GPG users are required to import AusCERT's new public key into their
        keyring so that they can validate future bulletins and other communications.  
        
        AusCERT will no longer be using the old key: 
        key id: D3B76E06 
        fingerprint: F4CC 1C88 CC06 5181 7A00  466C 668E 82AD D3B7 6E06
        
        AusCERT will now be using the following new key:
        key id: 7228F628
        fingerprint: 2B94 4D32 0813 377F F623 7E2D E34B 289B 7228 F628


MITIGATION

        The key can be downloaded from our website [1] over SSL to secure the transaction.
        
        You can verify the contents of this file by loading the key into your keyring, 
        and issuing the command:
        
        % gpg -v 7228F628.asc
        
        This will produce the following output:
        
        Comment: http://www.auscert.org.au/render.html?it=1967
        pub  4096R/7228F628 2020-05-11 AusCERT (Australia's premier CERT) <auscert@auscert.org.au>
        sig        7228F628 2020-05-11   [selfsig]
        sub  4096R/26B7123D 2020-05-11 [expires: 2022-05-11]
        sig        7228F628 2020-05-11   [keybind]
        
        If you require further information you can contact AusCERT via phone and confirm
        the Key ID and fingerprint.  To phone AusCERT call +61 7 3365 4417.


REFERENCES

        [1] AusCERT PGP Public Key
            https://www.auscert.org.au/pgp/

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXsHHI+NLKJtyKPYoAQj3Fw//Vroksf98xm3CoDCtNRr0Umh9aIYsdybt
sBZeZCN3ccrWzZZoWugJtdhLVDCiGXlVFOl7SSwpmgFGQFadNnNKlTeweWp5KvFR
dKCyfs6avTMSAnRQgsB7jt5g9nmRcf6YFMJsubMCVKR8xAmbjsyCcvrAnXSY+yYE
64VYvGzUPtKpsEGcRA/BV/M4b3MatJXtLPRBZyjT+qmCLcc7b1CKGGcD2AWj51g3
YJ2S8HxAkNFeRcmYxW07i0eSm616ONcbT2y1bfIh+Z4/sP91IAdtcgulymu4NPIe
8k9LNPmjewfd5cfOKSkWP9vVc9JZaCQ92r73Bn3NRaXIqdlod10oZsoPGeuVY2rP
TGE5e8LEOKQPGFgVL4nfrd7XK/L6mmw6Lp1GtlpAB4WedRZtFWQxIQTy4I42Rfmv
FbizpFbn70o0qaRLJ1OvAbonUCfITjxHD8sWVXhXYz/PsX2GkkhQRNHvnb3SmRIz
1AxTqdHVkeReGNhsZideFiHfirUwx/j8421lqteJVLdDim4rgnCl6zvouRfJG2Kw
eLA0vAm0VCbes27HM5VTHT20p33B1/xxgoIpAZFJ73a9aZWfVajfsbS4gRRERE7u
n1pOB9Sv+GhLxzYz0Gh4QFVswRysKBaJ4oHitCxF6X9PhZ0uw42oIMgjB7LjBZEV
b1ktXth7MGw=
=VjVW
-----END PGP SIGNATURE-----