OpenPGP Key

Last modified: May 20, 2014

ISC has an OpenPGP key. You can learn more about OpenPGP in RFC 2440. OpenPGP is a public key system, which means that if you have our public key and we sign a mail message (or a software distribution) using our private key, you can have a moderate confidence level that the message or distribution really did come from us.

If you suspect you have found a security defect in BIND or DHCP, or if you wish to inquire about a security issue that you have learned about which has not yet been publicly announced, ISC encourages you to get in touch with our Security Officer using the security-officer@isc.org e-mail address.

However, plain-text e-mail is not a secure choice for communications concerning undisclosed security issues so we ask that you please encrypt your communications to us using the ISC Security Officer public key found below.

PGPKey 2013

-----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v1.4.12 (NetBSD)
 mQENBFEKeFYBCADaN83gsb0VDjlGZkYra0PPlHz/eczKBU+/6I/VBq/FcsFEc27/
 O8IE05rIID10rXLjZ0k8y4ydvhI40eVZfxwaFvQEX/StVtU1ie3F7TS02ZuJ1yal
 YRtU29hhnZ5icDdiJ98gcZSH2WKhIWLRpmc60Lja/sTsO0lkLPJe9x2MDuzkQu9M
 Z7hlMgqZxZ1I/mQ/KsjT3oUt8euwyntg8/w/cpY8H0EVjyBnZWV2yejsLnbCo947
 hbjvUMSluGs7AZP0d+yqpGNsgRQ9iHy0NiL3ELdBqD22cqGRGTkX76KcLoXvqLVY
 450bBtXsI2uUXy5iL/eUkUP2JgWQybjju/M3ABEBAAG0SEludGVybmV0IFN5c3Rl
 bXMgQ29uc29ydGl1bSwgSW5jLiAoU2lnbmluZyBrZXksIDIwMTMpIDxjb2Rlc2ln
 bkBpc2Mub3JnPokBPgQTAQIAKAUCUQp4VgIbAwUJA8JnAAYLCQgHAwIGFQgCCQoL
 BBYCAwECHgECF4AACgkQRax4Vxic28XzIQf6AwLblJ98KI6l8gWqKVHMErYgl9+Q
 RiIxrqJtyn4OjeZHX9diVjv2HlsRjnTpNl5MiSB9tXvq+GX696w6dtpoqYjZEQoP
 ZCwE2USR6XO71eYO3rxLBnc0ymRvQm4zB2YKqworQDym0+wE8xiGBO8LyyVDfS5G
 aGWXl0YJkfNYXzhEp6toIiLwRE0uP0TarHcHCo2CboVBgODvDZqwSBfT+i6dT+Gy
 6nVEh3j7XnqgjCQ25cGev9sHR3hobT/fxG0F2YZ7sMwpWj9q0Y/dOlY7SV/ZGSs+
 ubKQ55BWsTjJRrNqyDX8QLb8oVic5q/yQkV+RTs1sP5s6JSs0KqQdyR3ZbkBDQRR
 CnhWAQgApxtu688JKcr6NXWOneWXn1Pti2jRhdVKNlNkGgLJ76vQTVdMmmTDwEty
 YQM6C9qjIXj8cEwz+LGRUXoCXOX9Yokf5oOjNpQutn4KVS+IRvWMYaK0qsTaa/c0
 FaIiFWvswyGucXAX/q9H5IoK8uYKXv5ww7+x3l1etg9/QdDQ/CANyMQbjBn38Wfn
 Fy/zoUl+mMZLfqs+3NwT5C+m/4M99SoyC7XQLaZt3PBO4rVjUnMkCgiXsNdDIZnv
 0XgUKyzSgrdPZcqKEG3yj8v5aTOC2k60Ffw1/ytA3hyfxLmdxxsyGyNQ4ZY8ZxmB
 Z6AyUWVK95bL4oQqUCqfzSscHpWokQARAQABiQElBBgBAgAPBQJRCnhWAhsMBQkD
 wmcAAAoJEEWseFcYnNvF4JAH/0MlU+Iwu5k6II3KufE2agMsRD2hk1VkpZcC08qi
 LfHxX/4HrCZd7jcViLpFeK+I5JaDM2G21Co9jBMoPh+EUDnalG3eglXgeNEbUfAZ
 pM7c9UejTNVmrw6crcgeUhKS2l0oBu9gRRlcSJEYY8XngfKJHBscCrsafp3RMVkO
 m4Ti4CcxOot3uQ10U8GojjtWp7bgqIaFBF8aV8vugXJLl9IHqgVEtvo9miM+0Tfi
 evOzuZMrgVY4zI2ZiLcrVM1KuIeZ2nIKbNWkJpDH2ZwUfsIx/KTxjpqld+NStzGQ
 B9v1wazIBDHQU4hq5ddOlk0lrLDAmMJzHbavlduWmFRkuv4=
 =bGLP
 -----END PGP PUBLIC KEY BLOCK-----

Support-Staff

-----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v2.0.17 (MingW32)
 mQGiBEg9iRQRBACSUmbNjuZC0NZ9mAwjAqd09UeksyX9MYjFaQAXZ1AzQVQ++Kvz
 Qe55+52XgdBU8E8331IxZMgx86dQjz4z5/Y5qIE5M0PUk9/Kgn2ff/43mby1AGqx
 je1Z2zCqXaGAgz52CASXC4lPPyldkGwYk+eWsdKV6eoNiLRHG936LQfzZwCgriro
 S259Zk0lIcl+o7ylg9Qu+mkD/3zJVlJlHFTq5tFdgkbe/Q8wqIGZhZ/d46LGskHq
 e0gwX6xqkK0rIFOytjBMiELJpT1aZxQingK7IucW8Jr/SNHKL/LwqeqQs9IzXTHS
 HPoCdeB/z3uBdEn1q9qqad/LA9K0kcfM7x8fO1M5LTyPYA1h4kOYgNRox8iQKvST
 eqOJA/0V/3yfnXop6gK5U54i0Q07q9lve8Ge+p4PHwV3UWlIfUSY7KER/ybcTdMo
 8ShNQXa6qelYrMp3lq4PFu7IQibNTe2SWq5c9ekKgpjeP2ZLSPlGfjF7C04WUKP1
 ww/vTOSkslwByW1aDPZ1nVJlQOcKbdok0uCoeFFkna6Y6hA2iLQ1SVNDIFN1cHBv
 cnQgRW5naW5lZXJpbmcgU3RhZmYgPHN1cHBvcnQtc3RhZmZAaXNjLm9yZz6IYAQT
 EQIAIAUCSD2JFAIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEA2gUt/owZXL
 Yw4An3HratPO/UynNiauDjD8ANAK/8XNAJ0Vd3Qsxq767Qd7DAtJlgAERJPL84hG
 BBMRAgAGBQJIPYqRAAoJEHCqWFK1AwmH2x4AoIQKEDuNdMIc37Eb1uAtY6VW4BPG
 AJ9UcBntSNhlHV1SQ/Kn2mrvmwBvpokBHAQQAQIABgUCSD4g0AAKCRAjNBJOG8ke
 bAIuB/98XDfx8/GvgyOQAv+nxriV/y+b77sAjHdnTtjIQFio8rgItmtNxrB115dR
 rxfBJK+1JGWgVePz3584RL6s+A1jFvjn89oQLFm7OF3Y89lMNkypqpluUw65kCPV
 jSv2fJd4hYCxE7Vo81AEHNrrcHHj4S5MUppg+BMr52CsvIE6SZgyEa6fQktu4J60
 M08tOvhcKNPOT7tXRCCmhj9aACxGQosbKvo6VuXWXIXt1nQEabOz0/cIaAIj71nd
 ifPkQnAKGmKFTyV/W19XnA396rMygkVGtpeFVydlY/no1/lUAO2UerhpNJp1BY1i
 TMvrpOoH59tWST/ieyzkBYiIrbXsuQINBEg9iRkQCACrqXjInCeHmqNX8g1x47e1
 LFubdQ/sd8XhXCMG8c9dxJe13plcVWyyJkupVlCKs4y2valHkpKokd/DfJbdfCIU
 /+Hg+QeCakFUbYgdBY6q/LDOGAi/OpOk/FYTSOEdMQMPytlKgOYvI/JQrtVF4/9X
 ZqpvtIPc0g6a57SXtDwGq0vEZ6YHiWxnnhbNOiXvvYZDK2k+RAgvwjgqAXZI0nz6
 RKGdKQ6l6KPqoZ3xft2WzAWpjzXsHDru9xKn1/P4tozAihUkZSGvjEFLB0arYduT
 99rQuJ5vZJs8W8JSsoLWUXSZsrrszDg9/jMGvi5kj7788NlkXJfcNSqn9YyzCfPH
 AAMFB/9ZwIXV21P4xnU0da+mDzY3L5r2yfKmiTD+CPYJrjD8/j5Tcd17HHM6wvvC
 XEkrgdZoZCw8E7aTSsb7+BWv/bbEhGABBToM8KZ9GRn+LGYZZ5+Ba4Pgdw+wpsEm
 DSChcQbCva9UJqENxfFF9BTfQ5B+DjQ+6uIMbTHBMs1S9NHLSTV5KrT+nxy1wNrj
 3Mt0z/TStTbahIoGACzJr5d1BFKuYmxs8hID9uQRLn28ICYpQSZrhK+Gnc5Y0wGl
 sTxBTQ91jpgVmbe6CHVDaGoGWi6ATOX/tLSfr9V+QFvM//kYgB/Wzy0KlX/Ixq/t
 jgdPCVu+aZrtCrJufqsYOKDNhWNfiEkEGBECAAkFAkg9iRkCGwwACgkQDaBS3+jB
 lcsolACfcPT0LlzJ1Sf88RAIQaPjMJG7bpsAoJpwKrQ/J2qPG4xfG5zjebgxyGVu
 =D/5G
 -----END PGP PUBLIC KEY BLOCK-----

Security Officer

-----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v2.0.17 (MingW32)
 mQENBEsnyOQBCAC+WKYHcaDGD9a2ztwdccmhnzo0YJ9SOPVIonqGxCa6o8Twfipy
 H9Wh5uFqc6Ne+I0+vWohQtBIeodQHgGGlbjdxMp3QxohvqCmZcoObH7kjI1lpKQ6
 TMvRvo79pq5WRIuE+Jbm6Rt9Hz3w9APrYzISzeCuHFK7vlZfaLdoI0SxzEuzMmyO
 vQpa6dgSKQF6G2Nsbz1RYujZ6fE6GXtc+I9q44yJS4llYpUqYpPh5CsfbDx8HwMW
 Pj9eYOwjf3/vniFeG9tHIB8E+p7UBTG7bTVRlEgmyC1Ry0OPO3UPKjL/Dja8IeeJ
 amT0dlsRCD/O/WTyxQg9EceCgUvOz65puKkrABEBAAG0L0lTQyBTZWN1cml0eSBP
 ZmZpY2VyIDxzZWN1cml0eS1vZmZpY2VyQGlzYy5vcmc+iQExBBMBAgAbBQJLJ8jk
 AhsDBgsJCAcKAgQVCggCAh4BAheAAAoJEL2X3GOe6MR7gZYIAI4uSaX7HwU2ywaC
 O77q5O/Zzzp6M+Oi+z7G00GFpACMSDSjX8kbZoIIW7FXb9US/9XLwqDtjlrGOLbd
 zcZ/+EMsJM/HpT796YH8Y9gMpsH5SZq5gByeguT6KgjqF2w8yNX7/r0AM3psfVSv
 9l595CoJWNbDBHqGpqMi55SqKLCQOJ8noDp4x+JVNcJ1AdK/QVSk+gEhLqrvoYNy
 G8B/C2LL1fBQC8sFkX/M1mKlkM83GnJlPWCrig69VlR+relppEuZ5G34z93c9NtC
 qdH6zLzzej2qmwLb/dYJYvhEEMDlgvlSWw6yaJTuuEfuqHonrgOTXgb3Ln8A7XJE
 CuSgWrK5AQ0ESyfI5AEIAKUsrY4AxF87HvBEqhCXIt1o8plzVoIT5kY/p2n48U+o
 NGl5v4qNiC4SQZIvsA+Fcew8BhAYbNFTOsK/NKVOyiLkLOqQnkuBlESzzvMcl0gS
 uX1t99V2SJpCKukCa+jkTcjJnURODJn5Wp9GLAWXutxJvJnTt4oxcnAKun6Zt1vy
 OQs2lI9zXCTi8AdDKTiA/Es66CPVCRcMFUS6l9ArN57gUP0KRj8N0OfOQPdzShnG
 rSdtM0D2Ei2pmUcgkvSIeNU5HRd2iMpWGO1L8yfGQvp7dzjWbG7i/2RTnZ+KR3a2
 OMmtXUNuWQF3AfohS0TRTAcAR7IgOLzyy2prT9XKtCcAEQEAAYkBHwQYAQIACQUC
 SyfI5AIbDAAKCRC9l9xjnujEeze1CAC4A+KZdRi08gBxG4hKuvpL0fHfwnVmrLR3
 9c0mQR9tE+iUcOezqER3z2fn/Zm5nMTZcauzCXMmFXwKWlGufiDrXVqKCyEHkYyB
 nn3U9ksRigo8eG/X3+G3US9k0c7FfWaIrOY2IdGWUQic0ENOu/94VAFaleI4BBQv
 nDIY6hr4Fm14qXgssF7YwcEreoUU+AyhYc52tlDssU9DUaX/vn7OD42FIzpUzgUy
 oZ97UtPX+m9P5YN2Teeq0iVkcxxmT9wuNYCCZb1W03hvcA8uwvRkNDbdQ//dma2g
 XdUPoXfBJT4kLo1/KV5GimPHdn0h172E1RKLgKtrJ58TVTJ6UV1r
 =j6G5
 -----END PGP PUBLIC KEY BLOCK-----

Verifying a source tarball with the pgp key:

You will need to have the GnuPG package installed. Then download the newest key above and import it into your own keyring:

  • gpg –import KEYFILE # such as KEYFILE pgpkey2009.txt

Then you can verify any BIND or DHCP release by:

  • gpg –verify SIGFILE TARBALL

i.e. for bind-9.7.2.gz, using signature file bind-9.7.2.sha512.asc

  • gpg –verify bind-9.7.2.sha512.asc bind-9.7.2.gz