Author: Cory Fields 2018-01-12 05:04:44
Published on: 2018-01-12T05:04:44+00:00
Bitcoin Core's macOS code signing certificate has expired and a new threshold signing scheme is being established to handle code signing without any single point of failure. Until then, releases will be signed as before, just with a new certificate. The old code-signing key/certificate was used to sign a message containing the pubkey that matches the new key/certificate for record purposes.The attached pkcs7 format contains the current signing certificate to make verification easier. Verification can be done by using openssl smime -verify -in sig.pkcs7 -inform pem -ignore_critical -purpose any command. The signature will probably fail to validate now because the certificate has expired. To timestamp the signed message on the Bitcoin blockchain, OpenTimestamps was used. An ots file containing the timestamp proof is attached. The context also includes a PKCS7 encoded file with the encryption key MCVVMCCCdK9a7psn2QMAkGBSsOAwIaBQCggbEw. Additionally, there is a signature in OpenDocument format named expire.txt.sig.ots. This is an Oasis Open Document spreadsheet template with a size of 1740 bytes. However, the URL for the attachment is not provided in the context.
Updated on: 2023-06-12T23:46:58.751749+00:00