OpenPGP Key

ISC has an OpenPGP key. You can learn more about OpenPGP in RFC 2440. OpenPGP is a public key system, which means that if you have our public key and we sign a mail message (or a software distribution) using our private key, you can have a moderate confidence level that the message or distribution really did come from us.

If you suspect you have found a security defect in BIND or DHCP, or if you wish to inquire about a security issue that you have learned about which has not yet been publicly announced, ISC encourages you to get in touch with our Security Officer using the security-officer@isc.org e-mail address.

However, plain-text e-mail is not a secure choice for communications concerning undisclosed security issues so we ask that you please encrypt your communications to us using the ISC Security Officer public key found below.

PGPKey 2013


-----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v1.4.12 (NetBSD)

mQENBFEKeFYBCADaN83gsb0VDjlGZkYra0PPlHz/eczKBU+/6I/VBq/FcsFEc27/
 O8IE05rIID10rXLjZ0k8y4ydvhI40eVZfxwaFvQEX/StVtU1ie3F7TS02ZuJ1yal
 YRtU29hhnZ5icDdiJ98gcZSH2WKhIWLRpmc60Lja/sTsO0lkLPJe9x2MDuzkQu9M
 Z7hlMgqZxZ1I/mQ/KsjT3oUt8euwyntg8/w/cpY8H0EVjyBnZWV2yejsLnbCo947
 hbjvUMSluGs7AZP0d+yqpGNsgRQ9iHy0NiL3ELdBqD22cqGRGTkX76KcLoXvqLVY
 450bBtXsI2uUXy5iL/eUkUP2JgWQybjju/M3ABEBAAG0SEludGVybmV0IFN5c3Rl
 bXMgQ29uc29ydGl1bSwgSW5jLiAoU2lnbmluZyBrZXksIDIwMTMpIDxjb2Rlc2ln
 bkBpc2Mub3JnPokBPgQTAQIAKAUCUQp4VgIbAwUJA8JnAAYLCQgHAwIGFQgCCQoL
 BBYCAwECHgECF4AACgkQRax4Vxic28XzIQf6AwLblJ98KI6l8gWqKVHMErYgl9+Q
 RiIxrqJtyn4OjeZHX9diVjv2HlsRjnTpNl5MiSB9tXvq+GX696w6dtpoqYjZEQoP
 ZCwE2USR6XO71eYO3rxLBnc0ymRvQm4zB2YKqworQDym0+wE8xiGBO8LyyVDfS5G
 aGWXl0YJkfNYXzhEp6toIiLwRE0uP0TarHcHCo2CboVBgODvDZqwSBfT+i6dT+Gy
 6nVEh3j7XnqgjCQ25cGev9sHR3hobT/fxG0F2YZ7sMwpWj9q0Y/dOlY7SV/ZGSs+
 ubKQ55BWsTjJRrNqyDX8QLb8oVic5q/yQkV+RTs1sP5s6JSs0KqQdyR3ZbkBDQRR
 CnhWAQgApxtu688JKcr6NXWOneWXn1Pti2jRhdVKNlNkGgLJ76vQTVdMmmTDwEty
 YQM6C9qjIXj8cEwz+LGRUXoCXOX9Yokf5oOjNpQutn4KVS+IRvWMYaK0qsTaa/c0
 FaIiFWvswyGucXAX/q9H5IoK8uYKXv5ww7+x3l1etg9/QdDQ/CANyMQbjBn38Wfn
 Fy/zoUl+mMZLfqs+3NwT5C+m/4M99SoyC7XQLaZt3PBO4rVjUnMkCgiXsNdDIZnv
 0XgUKyzSgrdPZcqKEG3yj8v5aTOC2k60Ffw1/ytA3hyfxLmdxxsyGyNQ4ZY8ZxmB
 Z6AyUWVK95bL4oQqUCqfzSscHpWokQARAQABiQElBBgBAgAPBQJRCnhWAhsMBQkD
 wmcAAAoJEEWseFcYnNvF4JAH/0MlU+Iwu5k6II3KufE2agMsRD2hk1VkpZcC08qi
 LfHxX/4HrCZd7jcViLpFeK+I5JaDM2G21Co9jBMoPh+EUDnalG3eglXgeNEbUfAZ
 pM7c9UejTNVmrw6crcgeUhKS2l0oBu9gRRlcSJEYY8XngfKJHBscCrsafp3RMVkO
 m4Ti4CcxOot3uQ10U8GojjtWp7bgqIaFBF8aV8vugXJLl9IHqgVEtvo9miM+0Tfi
 evOzuZMrgVY4zI2ZiLcrVM1KuIeZ2nIKbNWkJpDH2ZwUfsIx/KTxjpqld+NStzGQ
 B9v1wazIBDHQU4hq5ddOlk0lrLDAmMJzHbavlduWmFRkuv4=
 =bGLP
 -----END PGP PUBLIC KEY BLOCK-----

Support-Staff

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (MingW32)

mQGiBEg9iRQRBACSUmbNjuZC0NZ9mAwjAqd09UeksyX9MYjFaQAXZ1AzQVQ++Kvz
Qe55+52XgdBU8E8331IxZMgx86dQjz4z5/Y5qIE5M0PUk9/Kgn2ff/43mby1AGqx
je1Z2zCqXaGAgz52CASXC4lPPyldkGwYk+eWsdKV6eoNiLRHG936LQfzZwCgriro
S259Zk0lIcl+o7ylg9Qu+mkD/3zJVlJlHFTq5tFdgkbe/Q8wqIGZhZ/d46LGskHq
e0gwX6xqkK0rIFOytjBMiELJpT1aZxQingK7IucW8Jr/SNHKL/LwqeqQs9IzXTHS
HPoCdeB/z3uBdEn1q9qqad/LA9K0kcfM7x8fO1M5LTyPYA1h4kOYgNRox8iQKvST
eqOJA/0V/3yfnXop6gK5U54i0Q07q9lve8Ge+p4PHwV3UWlIfUSY7KER/ybcTdMo
8ShNQXa6qelYrMp3lq4PFu7IQibNTe2SWq5c9ekKgpjeP2ZLSPlGfjF7C04WUKP1
ww/vTOSkslwByW1aDPZ1nVJlQOcKbdok0uCoeFFkna6Y6hA2iLQ1SVNDIFN1cHBv
cnQgRW5naW5lZXJpbmcgU3RhZmYgPHN1cHBvcnQtc3RhZmZAaXNjLm9yZz6IYAQT
EQIAIAUCSD2JFAIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEA2gUt/owZXL
Yw4An3HratPO/UynNiauDjD8ANAK/8XNAJ0Vd3Qsxq767Qd7DAtJlgAERJPL84hG
BBMRAgAGBQJIPYqRAAoJEHCqWFK1AwmH2x4AoIQKEDuNdMIc37Eb1uAtY6VW4BPG
AJ9UcBntSNhlHV1SQ/Kn2mrvmwBvpokBHAQQAQIABgUCSD4g0AAKCRAjNBJOG8ke
bAIuB/98XDfx8/GvgyOQAv+nxriV/y+b77sAjHdnTtjIQFio8rgItmtNxrB115dR
rxfBJK+1JGWgVePz3584RL6s+A1jFvjn89oQLFm7OF3Y89lMNkypqpluUw65kCPV
jSv2fJd4hYCxE7Vo81AEHNrrcHHj4S5MUppg+BMr52CsvIE6SZgyEa6fQktu4J60
M08tOvhcKNPOT7tXRCCmhj9aACxGQosbKvo6VuXWXIXt1nQEabOz0/cIaAIj71nd
ifPkQnAKGmKFTyV/W19XnA396rMygkVGtpeFVydlY/no1/lUAO2UerhpNJp1BY1i
TMvrpOoH59tWST/ieyzkBYiIrbXsuQINBEg9iRkQCACrqXjInCeHmqNX8g1x47e1
LFubdQ/sd8XhXCMG8c9dxJe13plcVWyyJkupVlCKs4y2valHkpKokd/DfJbdfCIU
/+Hg+QeCakFUbYgdBY6q/LDOGAi/OpOk/FYTSOEdMQMPytlKgOYvI/JQrtVF4/9X
ZqpvtIPc0g6a57SXtDwGq0vEZ6YHiWxnnhbNOiXvvYZDK2k+RAgvwjgqAXZI0nz6
RKGdKQ6l6KPqoZ3xft2WzAWpjzXsHDru9xKn1/P4tozAihUkZSGvjEFLB0arYduT
99rQuJ5vZJs8W8JSsoLWUXSZsrrszDg9/jMGvi5kj7788NlkXJfcNSqn9YyzCfPH
AAMFB/9ZwIXV21P4xnU0da+mDzY3L5r2yfKmiTD+CPYJrjD8/j5Tcd17HHM6wvvC
XEkrgdZoZCw8E7aTSsb7+BWv/bbEhGABBToM8KZ9GRn+LGYZZ5+Ba4Pgdw+wpsEm
DSChcQbCva9UJqENxfFF9BTfQ5B+DjQ+6uIMbTHBMs1S9NHLSTV5KrT+nxy1wNrj
3Mt0z/TStTbahIoGACzJr5d1BFKuYmxs8hID9uQRLn28ICYpQSZrhK+Gnc5Y0wGl
sTxBTQ91jpgVmbe6CHVDaGoGWi6ATOX/tLSfr9V+QFvM//kYgB/Wzy0KlX/Ixq/t
jgdPCVu+aZrtCrJufqsYOKDNhWNfiEkEGBECAAkFAkg9iRkCGwwACgkQDaBS3+jB
lcsolACfcPT0LlzJ1Sf88RAIQaPjMJG7bpsAoJpwKrQ/J2qPG4xfG5zjebgxyGVu
=D/5G
-----END PGP PUBLIC KEY BLOCK-----

Security Officer

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (MingW32)

mQENBEsnyOQBCAC+WKYHcaDGD9a2ztwdccmhnzo0YJ9SOPVIonqGxCa6o8Twfipy
H9Wh5uFqc6Ne+I0+vWohQtBIeodQHgGGlbjdxMp3QxohvqCmZcoObH7kjI1lpKQ6
TMvRvo79pq5WRIuE+Jbm6Rt9Hz3w9APrYzISzeCuHFK7vlZfaLdoI0SxzEuzMmyO
vQpa6dgSKQF6G2Nsbz1RYujZ6fE6GXtc+I9q44yJS4llYpUqYpPh5CsfbDx8HwMW
Pj9eYOwjf3/vniFeG9tHIB8E+p7UBTG7bTVRlEgmyC1Ry0OPO3UPKjL/Dja8IeeJ
amT0dlsRCD/O/WTyxQg9EceCgUvOz65puKkrABEBAAG0L0lTQyBTZWN1cml0eSBP
ZmZpY2VyIDxzZWN1cml0eS1vZmZpY2VyQGlzYy5vcmc+iQExBBMBAgAbBQJLJ8jk
AhsDBgsJCAcKAgQVCggCAh4BAheAAAoJEL2X3GOe6MR7gZYIAI4uSaX7HwU2ywaC
O77q5O/Zzzp6M+Oi+z7G00GFpACMSDSjX8kbZoIIW7FXb9US/9XLwqDtjlrGOLbd
zcZ/+EMsJM/HpT796YH8Y9gMpsH5SZq5gByeguT6KgjqF2w8yNX7/r0AM3psfVSv
9l595CoJWNbDBHqGpqMi55SqKLCQOJ8noDp4x+JVNcJ1AdK/QVSk+gEhLqrvoYNy
G8B/C2LL1fBQC8sFkX/M1mKlkM83GnJlPWCrig69VlR+relppEuZ5G34z93c9NtC
qdH6zLzzej2qmwLb/dYJYvhEEMDlgvlSWw6yaJTuuEfuqHonrgOTXgb3Ln8A7XJE
CuSgWrK5AQ0ESyfI5AEIAKUsrY4AxF87HvBEqhCXIt1o8plzVoIT5kY/p2n48U+o
NGl5v4qNiC4SQZIvsA+Fcew8BhAYbNFTOsK/NKVOyiLkLOqQnkuBlESzzvMcl0gS
uX1t99V2SJpCKukCa+jkTcjJnURODJn5Wp9GLAWXutxJvJnTt4oxcnAKun6Zt1vy
OQs2lI9zXCTi8AdDKTiA/Es66CPVCRcMFUS6l9ArN57gUP0KRj8N0OfOQPdzShnG
rSdtM0D2Ei2pmUcgkvSIeNU5HRd2iMpWGO1L8yfGQvp7dzjWbG7i/2RTnZ+KR3a2
OMmtXUNuWQF3AfohS0TRTAcAR7IgOLzyy2prT9XKtCcAEQEAAYkBHwQYAQIACQUC
SyfI5AIbDAAKCRC9l9xjnujEeze1CAC4A+KZdRi08gBxG4hKuvpL0fHfwnVmrLR3
9c0mQR9tE+iUcOezqER3z2fn/Zm5nMTZcauzCXMmFXwKWlGufiDrXVqKCyEHkYyB
nn3U9ksRigo8eG/X3+G3US9k0c7FfWaIrOY2IdGWUQic0ENOu/94VAFaleI4BBQv
nDIY6hr4Fm14qXgssF7YwcEreoUU+AyhYc52tlDssU9DUaX/vn7OD42FIzpUzgUy
oZ97UtPX+m9P5YN2Teeq0iVkcxxmT9wuNYCCZb1W03hvcA8uwvRkNDbdQ//dma2g
XdUPoXfBJT4kLo1/KV5GimPHdn0h172E1RKLgKtrJ58TVTJ6UV1r
=j6G5
-----END PGP PUBLIC KEY BLOCK-----

Verifying a source tarball with the pgp key:

You will need to have the GnuPG package installed. Then download the newest key above and import it into your own keyring:

  • gpg –import KEYFILE # such as KEYFILE pgpkey2009.txt

Then you can verify any BIND or DHCP release by:

  • gpg –verify SIGFILE TARBALL

i.e. for bind-9.7.2.gz, using signature file bind-9.7.2.sha512.asc

  • gpg –verify bind-9.7.2.sha512.asc bind-9.7.2.gz