RIPE NCC PGP Key Policy
RIPE NCC keys are used for one year, with the changeover taking place in January. The keys are named RIPE NCC <ncc _at_ ripe _dot_ net>.
The latest RIPE NCC PGP key is available for download.
- We publish new keys each year in December
- They are available from a secure website, on public key servers, and are distributed in a mail signed with the old key
- We start using the new key in January, and after this point no emails will be sent using the old key
- The old key expires in February, 15 months after creation
Getting the Key
You should verify that the server certificate belongs to the RIPE NCC. The key published is signed by the Managing Director, the Chief Technical Officer and last year's RIPE NCC key.
The RIPE NCC key is also be published on public PGP servers.
PGP users can use their own PGP web of trust to verify and optionally sign the RIPE NCC key.
If our private key is destroyed or compromised, we initiate an immediate key rollover . The new key is signed by the RIPE NCC Managing Director and the Chief Technical Officer.
- The RIPE NCC key is also be published on public PGP servers.
- PGP users can use their own PGP web of trust to verify and optionally sign the RIPE NCC key.