I decided to try to certify Wladimir's PGP k= eys (the old one (2346C9A6) first, and then the new one (36C2E964), since i= t was signed with the old one).

I visited=20 https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015= -June/009045.html to see that the new key was referenced in a message s= igned by the old one.=C2=A0 I figure it's safe to assume that if the ol= d key actually signed that message, then the core dev using <laanwj at g= mail.com> is an actual core dev (that's all I'd be worried a= bout).=C2=A0 So I copied the text from ------BEGIN PGP SIGNED MESSAGE----- = to -----END PGP SIGNATURE----- to my clipboard and asked Kleopatra (on=20 Windows) to verify it.=C2=A0 It says the signature is bad.=C2=A0 If I alter= the text of the email (so the signature would be have to be different to b= e valid), it says exactly the same thing.=C2=A0 So maybe something is wrong= with Kleopatra on Windows.

However, the=20 SHA256SUMS.asc file I got from the magnet link posted in the email (below)=C2=A0 verifies just fine using the new key (36C2E964).=C2=A0 So I f= igure Kleopatra is not broken.=C2=A0 It recognizes that the old key was use= d to create the signature in that old email, but it says it's invalid.= =C2=A0 Has Wladimir been secretly replaced by someone who doesn't have = access to the private key for 2346C9A6?=C2=A0 Can you make a (bad) signatur= e look like it was made using a key you don't have? The whole reason fo= r signing is so that we will know if something like that happened.=C2=A0 So= did I do something wrong?=C2=A0 (I mean, besides using Windows).

I believe this is the expected result if someone took something Wl= adimir signed and ripped off the signature and pasted it below this new mes= sage to make everyone think the new message was genuine.=C2=A0 Maybe Wladim= ir made an edit after the signature was attached.=C2=A0 Or maybe it got cha= nged when it went through the email system.=C2=A0 It would be nice to know.= =C2=A0 Anyway, I fell back on Windows security and ran the install because = it said it verified that the publisher was "The Bitcoin Foundation&quo= t;.

On Fri, Nov 13, 2015 at 5:13 AM, Wladimir J. van der Laan = via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org= > wrote:

-----BEGIN PGP SIG= NED MESSAGE-----
Hash: SHA512

Bitcoin Core version 0.11.2 is now available from:

=C2=A0 <https://bitcoin.org/bin/bitcoin-core-0.11.2/<= /a>>

Alternatively, through bittorrent:

=C2=A0 =C2=A0 magnet:?xt=3Durn:btih:d6d3387160f7e14f6f27dc40ae84cf566ebf631= b&dn=3Dbitcoin-core-0.11.2&tr=3Dudp%3A%2F%2Ftracker.openb= ittorrent.com%3A80%2Fannounce&tr=3Dudp%3A%2F%2Ftracker.publicbt= .com%3A80%2Fannounce&tr=3Dudp%3A%2F%2Ftracker.ccc.de%3A80%2Fannou= nce&tr=3Dudp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr= =3Dudp%3A%2F%2Fopen.demonii.com%3A1337&ws=3Dhttps%3A%2F%2Fbitcoin.o= rg%2Fbin%2F

This is a new minor version release, bringing bug fixes, the BIP65
(CLTV) consensus change, and relay policy preparation for BIP113. It is
recommended to upgrade to this version as soon as possible.

Please report bugs using the issue tracker at github:

=C2=A0 <https://github.com/bitcoin/bitcoin/issues>= ;

Upgrading and downgrading
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

How to Upgrade
- --------------

If you are running an older version, shut it down. Wait until it has comple= tely
shut down (which might take a few minutes for older versions), then run the=
installer (on Windows) or just copy over /Applications/Bitcoin-Qt (on Mac) = or
bitcoind/bitcoin-qt (on Linux).

Downgrade warning
- ------------------

Because release 0.10.0 and later makes use of headers-first synchronization= and
parallel block download (see further), the block files and databases are no= t
backwards-compatible with pre-0.10 versions of Bitcoin Core or other softwa= re:

* Blocks will be stored on disk out of order (in the order they are
received, really), which makes it incompatible with some tools or
other programs. Reindexing using earlier versions will also not work
anymore as a result of this.

* The block index database will now hold headers for which no block is
stored on disk, which earlier versions won't support.

If you want to be able to downgrade smoothly, make a backup of your entire = data
directory. Without this your node will need start syncing (or importing fro= m
bootstrap.dat) anew afterwards. It is possible that the data from a complet= ely
synchronised 0.10 node may be usable in older versions as-is, but this is n= ot
supported and may break as soon as the older version attempts to reindex.
This does not affect wallet forward or backward compatibility. There are no=
known problems when downgrading from 0.11.x to 0.10.x.

Notable changes since 0.11.1
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D

BIP65 soft fork to enforce OP_CHECKLOCKTIMEVERIFY opcode
- --------------------------------------------------------

This release includes several changes related to the [BIP65][] soft fork which redefines the existing OP_NOP2 opcode as OP_CHECKLOCKTIMEVERIFY
(CLTV) so that a transaction output can be made unspendable until a
specified point in the future.

1. This release will only relay and mine transactions spending a CLTV
=C2=A0 =C2=A0output if they comply with the BIP65 rules as provided in code= .

2. This release will produce version 4 blocks by default. Please see the =C2=A0 =C2=A0*notice to miners* below.

3. Once 951 out of a sequence of 1,001 blocks on the local node's best = block
=C2=A0 =C2=A0chain contain version 4 (or higher) blocks, this release will = no
=C2=A0 =C2=A0longer accept new version 3 blocks and it will only accept ver= sion 4
=C2=A0 =C2=A0blocks if they comply with the BIP65 rules for CLTV.

For more information about the soft-forking change, please see
<https://github.com/bitcoin/bitcoin/pull/6351>=

Graphs showing the progress towards block version 4 adoption may be
found at the URLs below:

- - Block versions over the last 50,000 blocks as progress towards BIP65 =C2=A0 consensus enforcement: <http://bitcoin.sipa.be/ver-50k.p= ng>

- - Block versions over the last 2,000 blocks showing the days to the
=C2=A0 earliest possible BIP65 consensus-enforced block: <http:/= /bitcoin.sipa.be/ver-2k.png>

**Notice to miners:** Bitcoin Core=E2=80=99s block templates are now for version 4 blocks only, and any mining software relying on its
getblocktemplate must be updated in parallel to use libblkmaker either
version 0.4.3 or any version from 0.5.2 onward.

- - If you are solo mining, this will affect you the moment you upgrade
=C2=A0 Bitcoin Core, which must be done prior to BIP65 achieving its 951/10= 01
=C2=A0 status.

- - If you are mining with the stratum mining protocol: this does not
=C2=A0 affect you.

- - If you are mining with the getblocktemplate protocol to a pool: this =C2=A0 will affect you at the pool operator=E2=80=99s discretion, which mus= t be no
=C2=A0 later than BIP65 achieving its 951/1001 status.

[BIP65]: https://github.com/bitcoin/bi= ps/blob/master/bip-0065.mediawiki

BIP113 mempool-only locktime enforcement using GetMedianTimePast()
- ----------------------------------------------------------------

Bitcoin transactions currently may specify a locktime indicating when
they may be added to a valid block.=C2=A0 Current consensus rules require that blocks have a block header time greater than the locktime specified in any transaction in that block.

Miners get to choose what time they use for their header time, with the
consensus rule being that no node will accept a block whose time is more than two hours in the future.=C2=A0 This creates a incentive for miners to<= br> set their header times to future values in order to include locktimed
transactions which weren't supposed to be included for up to two more hours.

The consensus rules also specify that valid blocks may have a header
time greater than that of the median of the 11 previous blocks.=C2=A0 This<= br> GetMedianTimePast() time has a key feature we generally associate with
time: it can't go backwards.

[BIP113][] specifies a soft fork (**not enforced in this release**) that weakens this perverse incentive for individual miners to use a future
time by requiring that valid blocks have a computed GetMedianTimePast()
greater than the locktime specified in any transaction in that block.

Mempool inclusion rules currently require transactions to be valid for
immediate inclusion in a block in order to be accepted into the mempool. This release begins applying the BIP113 rule to received transactions,
so transaction whose time is greater than the GetMedianTimePast() will
no longer be accepted into the mempool.

**Implication for miners:** you will begin rejecting transactions that
would not be valid under BIP113, which will prevent you from producing
invalid blocks if/when BIP113 is enforced on the network. Any
transactions which are valid under the current rules but not yet valid
under the BIP113 rules will either be mined by other miners or delayed
until they are valid under BIP113. Note, however, that time-based
locktime transactions are more or less unseen on the network currently.

**Implication for users:** GetMedianTimePast() always trails behind the
current time, so a transaction locktime set to the present time will be
rejected by nodes running this release until the median time moves
forward. To compensate, subtract one hour (3,600 seconds) from your
locktimes to allow those transactions to be included in mempools at
approximately the expected time.

[BIP113]: https://github.com/bitcoin/b= ips/blob/master/bip-0113.mediawiki

Windows bug fix for corrupted UTXO database on unclean shutdowns
- ----------------------------------------------------------------

Several Windows users reported that they often need to reindex the
entire blockchain after an unclean shutdown of Bitcoin Core on Windows
(or an unclean shutdown of Windows itself). Although unclean shutdowns
remain unsafe, this release no longer relies on memory-mapped files for
the UTXO database, which significantly reduced the frequency of unclean
shutdowns leading to required reindexes during testing.

For more information, see: <https://github.com/bitcoi= n/bitcoin/pull/6917>

Other fixes for database corruption on Windows are expected in the
next major release.

0.11.2 Change log
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

Detailed release notes follow. This overview includes changes that affect behavior, not code moves, refactors and string updates. For convenience in = locating
the code changes and accompanying discussion, both the pull request and
git merge commit are mentioned.

- - #6124 `684636b` Make CScriptNum() take nMaxNumSize as an argument
- - #6124 `4fa7a04` Replace NOP2 with CHECKLOCKTIMEVERIFY (BIP65)
- - #6124 `6ea5ca4` Enable CHECKLOCKTIMEVERIFY as a standard script verify = flag
- - #6351 `5e82e1c` Add CHECKLOCKTIMEVERIFY (BIP65) soft-fork logic
- - #6353 `ba1da90` Show softfork status in getblockchaininfo
- - #6351 `6af25b0` Add BIP65 to getblockchaininfo softforks list
- - #6688 `01878c9` Fix locking in GetTransaction
- - #6653 `b3eaa30` [Qt] Raise debug window when requested
- - #6600 `1e672ae` Debian/Ubuntu: Include bitcoin-tx binary
- - #6600 `2394f4d` Debian/Ubuntu: Split bitcoin-tx into its own package - - #5987 `33d6825` Bugfix: Allow mining on top of old tip blocks for testn= et
- - #6852 `21e58b8` build: make sure OpenSSL heeds noexecstack
- - #6846 `af6edac` alias `-h` for `--help`
- - #6867 `95a5039` Set TCP_NODELAY on P2P sockets.
- - #6856 `dfe55bd` Do not allow blockfile pruning during reindex.
- - #6566 `a1d3c6f` Add rules--presently disabled--for using GetMedianTimeP= ast as end point for lock-time calculations
- - #6566 `f720c5f` Enable policy enforcing GetMedianTimePast as the end po= int of lock-time constraints
- - #6917 `0af5b8e` leveldb: Win32WritableFile without memory mapping
- - #6948 `4e895b0` Always flush block and undo when switching to new file<= br>
Credits
=3D=3D=3D=3D=3D=3D=3D

Thanks to everyone who directly contributed to this release:

- - Alex Morcos
- - =E0=B8=BFtcDrak
- - Chris Kleeschulte
- - Daniel Cousens
- - Diego Viola
- - Eric Lombrozo
- - Esteban Ordano
- - Gregory Maxwell
- - Luke Dashjr
- - Marco Falke
- - Mark Friedenbach
- - Matt Corallo
- - Micha
- - Mitchell Cash
- - Peter Todd
- - Pieter Wuille
- - Wladimir J. van der Laan
- - Zak Wilcox

And those who contributed additional code review and/or security research.<= br>
As well as everyone that helped translating on [Transifex](https://www.transifex.com/projects/p/bitcoin/).

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCgAGBQJWReHOAAoJEHSBCwEjRsmmTAAH/iZQGklLHLIM6a2tTOj4d/O6
xHg5bJhXGjtzO284Uy3phTzvk+e4mqBTjI8BrSr4D+Vw7mJrfWihdTLlgZYCwso3
AyAk8ud1H42QanAfUvciY5uXd7cyzr8tCnCIBkvwJT5O8tI3FFhSMM5Fs86WnsP1
Y10+93sxaVJUave2xm1bmgiwApFZKQ2MNU1IVgFaW8agB59fuqtPRnBdKiK/j+AO
Jn1LKsObsINYhjtkAFiC66mUOBZ2N3rdhbN3LFl+u7EriTLoYk1OtZZhlC+rOueo
nxl1H5SHStjrD27vE9Hv2qD5Ckrwo3zib8hZNIVs6MJjFnWUCwNtNg0nqDEvpn4=3D
=3DxXdY
-----END PGP SIGNATURE-----
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.= linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev

I like to provide some work at no charge to prove = my value. Do you need a techie?=C2=A0
I own Litmocracy and Meme Racing (in alpha).
I'm the we= bmaster for The V= oluntaryist which now accepts Bitcoin.
I also code for The Dollar Vigilante.
&= quot;He ought to find it more profitable to play by the rules" - Satos= hi Nakamoto

--001a113d41ae21666f052476aec4--