Re: Bad PGP Key from Microsoft Security Response Center

From: Bronek Kozicki (brok_at_rubikon.pl)
Date: 07/19/01


Hello

I asked secure_at_microsoft.com if they know about the problem, here's their
response:

B.

Hello -

Thanks for your email. We have had problems with signing our bulletins
over the last six months. We always verify that the comback email from
the listserver verifies as GOOD, however, once we approve it to be
released, the sig is corrupted by the listserv. (This happens from time
to time depending on the formatting of the email - we are working with
lsoft to figure out a solution.)

However, it's really not too much of a concern. Our emails do not
contains patches, nor do they contain links to patches (as the fake
bulletins do.) Our emails only contain a link back to the Microsoft web
site where we encourage users to read the entire security bulletin and
take the actions discussed there. In fact, we have discussed whether we
even need to sign the emails as they don't contain links to anything but
our website - we consider the email simply a "notification" that there
is a bulletin on the website that should be read. That being said, we
are working on solutions to ensure that future emails can be verified as
Good signatures.

Regards,

Secure_at_Microsoft.com

From: "Henry Sieff" <hsieff_at_orthodon.com>
> Same results here. I just redownloaded their key from their web site a
> few seconds ago and I get the same thing. . .

> > From: Shaun Jamieson [mailto:sjamieson_at_esi-intl.com]
> > I got the same results. I got a Status: BAD on MS01-038 and
> > good on all
> > previous ones. I wonder what's up?

> > From: Zechariah Harvey [mailto:slyde_at_webservantsextraordinaire.com]
> > All other bulletins' signatures came out with the status "good". I
> do
> > have the key and Have it marked as Valid and Trusted. Would anyone
> be
> > able to confirm/deny my worries about something of this nature?



Relevant Pages

  • All We are Saying
    ... playing anywhere. ... Signed up on their website to receive updated bulletins, ... intimate conversations about the state of the art with such ...
    (rec.music.makers.guitar.acoustic)
  • Re: Sky & Tel "bulletins are now spam
    ... People going to the website have value, therefore posting these ... bulletins is "selling." ...
    (sci.astro.amateur)
  • Bridge tournament during the Ryder Cup
    ... I completely forgot about the Warren Buffett cup. ... Is there a website with information (participants, results, bulletins, etc) about it? ...
    (rec.games.bridge)