OpenPGP Key
ISC and OpenPGP
ISC has an OpenPGP key. You can learn more about OpenPGP in RFC 2440. OpenPGP is a public key system, which means that if you have our public key and we sign a mail message (or a software distribution) using our private key, you can have a moderate confidence level that the message or distribution really did come from us.
| In use since February 2013 | pgpkey2013.txt | 189CDBC5 |
| In use since Jan 2012 - OLD | pgpkey2012.txt | C96B350A |
| In use since May 2009 - OLD | pgpkey2009.txt | 2048R/0B7BAE00 |
| In use until May 2009 - OLD | pgpkey2006.txt | 2048R/1BC91E6C |
| In use until April 2006 - OLD | pgpkey2004.txt | 1024D/C3755FF7 |
Verifying a source tarball with the pgp key:
You will need to have the GnuPG package installed. Then download the newest key above and import it into your own keyring:
- gpg --import KEYFILE # such as KEYFILE pgpkey2009.txt
Then you can verify any BIND or DHCP release by:
- gpg --verify SIGFILE TARBALL
i.e. for bind-9.7.2.gz, using signature file bind-9.7.2.sha512.asc
- gpg --verify bind-9.7.2.sha512.asc bind-9.7.2.gz
In addition to the keys that are used to sign our code, there are several other keys in use at ISC
| Support-Staff | support-staff.txt | 1024D/E8C195CB |
