New Swift Automatic Sign Key

mishal_shah · 2019-11-08T02:05:17.923Z

We are updating the Linux development snapshot signing key to 'Swift Automatic Signing Key #3', because 'Swift Automatic Signing Key #2' will expire.

Starting Nov 7th 2019 (tonight) we will be publishing development snapshots with the new signing key.

The new signing key is also available on https://swift.org/download under "Active Signing Keys”.

Swift Automatic Signing Key #3

Download: https://swift.org/keys/automatic-signing-key-3.asc

Fingerprint: 8A74 9566 2C3C D4AE 18D9 5637 FAF6 989E 1BC1 6FEA
Long IDFAF6989E1BC16FEA

To import the key, run:

$ gpg --keyserver hkp://pool.sks-keyservers.net \
      --recv-keys \
      '8A74 9566 2C3C D4AE 18D9  5637 FAF6 989E 1BC1 6FEA'

Or:

$ wget -q -O - https://swift.org/keys/automatic-signing-key-3.asc | \
  gpg --import -

Please email swift-infrastructure@swift.org if you have any questions.

Thanks,
Mishal Shah

ahti · 2019-11-10T20:33:29.569Z

mishal_shah:

[...] because 'Swift Automatic Signing Key #2' will expire.

Are you aware you can also change the expiration date of existing keys? That still won't remove the need to --recv-keys to refresh the key from a key server, but it seems preferable to creating a completely new key to me.

mishal_shah · 2019-11-14T22:50:51.092Z

Thanks for sharing this information, however it makes it clear to install a new cert.