Published:
18 May 2020
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2020.0103.5
AusCERT PGP Public Key Update
18 May 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: AusCERT PGP Public Key
Resolution: Patch/Upgrade
Member content until: Sunday, June 14 2020
Revision History: May 18 2020: Resend PGP Key Update Notification
May 15 2020: Initial Release
OVERVIEW
AusCERT has generated a new PGP/GPG Key to use for signing and receiving
encrypted data.
This key will come into effect as of: 15 May 2020
IMPACT
PGP and GPG users are required to import AusCERT's new public key into their
keyring so that they can validate future bulletins and other communications.
AusCERT will no longer be using the old key:
key id: D3B76E06
fingerprint: F4CC 1C88 CC06 5181 7A00 466C 668E 82AD D3B7 6E06
AusCERT will now be using the following new key:
key id: 7228F628
fingerprint: 2B94 4D32 0813 377F F623 7E2D E34B 289B 7228 F628
MITIGATION
The key can be downloaded from our website [1] over SSL to secure the transaction.
You can verify the contents of this file by loading the key into your keyring,
and issuing the command:
% gpg -v 7228F628.asc
This will produce the following output:
Comment: http://www.auscert.org.au/render.html?it=1967
pub 4096R/7228F628 2020-05-11 AusCERT (Australia's premier CERT) <auscert@auscert.org.au>
sig 7228F628 2020-05-11 [selfsig]
sub 4096R/26B7123D 2020-05-11 [expires: 2022-05-11]
sig 7228F628 2020-05-11 [keybind]
If you require further information you can contact AusCERT via phone and confirm
the Key ID and fingerprint. To phone AusCERT call +61 7 3365 4417.
REFERENCES
[1] AusCERT PGP Public Key
https://www.auscert.org.au/pgp/
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXsHHI+NLKJtyKPYoAQj3Fw//Vroksf98xm3CoDCtNRr0Umh9aIYsdybt
sBZeZCN3ccrWzZZoWugJtdhLVDCiGXlVFOl7SSwpmgFGQFadNnNKlTeweWp5KvFR
dKCyfs6avTMSAnRQgsB7jt5g9nmRcf6YFMJsubMCVKR8xAmbjsyCcvrAnXSY+yYE
64VYvGzUPtKpsEGcRA/BV/M4b3MatJXtLPRBZyjT+qmCLcc7b1CKGGcD2AWj51g3
YJ2S8HxAkNFeRcmYxW07i0eSm616ONcbT2y1bfIh+Z4/sP91IAdtcgulymu4NPIe
8k9LNPmjewfd5cfOKSkWP9vVc9JZaCQ92r73Bn3NRaXIqdlod10oZsoPGeuVY2rP
TGE5e8LEOKQPGFgVL4nfrd7XK/L6mmw6Lp1GtlpAB4WedRZtFWQxIQTy4I42Rfmv
FbizpFbn70o0qaRLJ1OvAbonUCfITjxHD8sWVXhXYz/PsX2GkkhQRNHvnb3SmRIz
1AxTqdHVkeReGNhsZideFiHfirUwx/j8421lqteJVLdDim4rgnCl6zvouRfJG2Kw
eLA0vAm0VCbes27HM5VTHT20p33B1/xxgoIpAZFJ73a9aZWfVajfsbS4gRRERE7u
n1pOB9Sv+GhLxzYz0Gh4QFVswRysKBaJ4oHitCxF6X9PhZ0uw42oIMgjB7LjBZEV
b1ktXth7MGw=
=VjVW
-----END PGP SIGNATURE-----