diff options
Diffstat (limited to 'canary-templates')
| -rw-r--r-- | canary-templates/memdmp:estrogen.zone | 48 |
1 files changed, 39 insertions, 9 deletions
diff --git a/canary-templates/memdmp:estrogen.zone b/canary-templates/memdmp:estrogen.zone index 0550da8..3478f78 100644 --- a/canary-templates/memdmp:estrogen.zone +++ b/canary-templates/memdmp:estrogen.zone @@ -19,7 +19,7 @@ ┃ correct key, this message certifies that, to the extent of memdmp's knowledge, ┃ estrogen.zone and it's operators and administrators have, for... ┃ - ┃ ...git.estrogen.zone, mail.estrogen.zone, ntfy.estrogen.zone: + ┃ ...nandcat.estrogen.zone: ┃ - obtained 0 law enforcement request(s) for customer/user data, of which, ┃ - obtained 0 were legally valid, sent in the correct channels, and resulted ┃ in data being turned over @@ -40,13 +40,16 @@ ┃ ┣━ Kyun ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄ ┃ - ┃ We have noticed the kyun canary states they have turned over some data. - ┃ Any of our remote systems may be, in some way, shape or form, compromised. + ┃ Data on nandcat, prior to some point before Jan 1st 2026, was stored on Kyun. + ┃ Data on yuridick.gay is still stored on Kyun. See below. + ┃ + ┃ We have noticed the Kyun canary states they have turned over some data. + ┃ We have no way to guarantee this does not include old nandcat data. ┃ ┃ Additionally, their old signing key 120FC25E2A9A3F4784AC6B0EA0B522B4DA201019 ┃ has expired. It has signed a new key created 10 days after expiration. ┃ - ┃ We are working on mitigating this over time. + ┃ All keys on the host, to the extent of our knowledge, have been rotated. ┃ ┃ see also: ┃ git.estrogen.zone/mem-estrogen-zone.git/commit/?id=082a734b95cb8c84e099dc7860d493cea28314b8 @@ -71,17 +74,44 @@ ┏━ External Providers ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄ ┃ - ┃ Certain services are provided via kyun, which's canary can be found at + ┃ Some hosts are run by external organisations and not by us. These + ┃ are: + ┃ + ┃╌╌╌╌ Kyun ╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌ + ┃ + ┃ Certain services are provided via Kyun, which's canary can be found at ┃ https://files.kyun.host/canary.txt and must be signed by ┃ 120F C25E 2A9A 3F47 84AC 6B0E A0B5 22B4 DA20 1019. ┃ ┃ These services are: - ┃ - estrogen.zone, git.estrogen.zone, mail.estrogen.zone, - ┃ mem.estrogen.zone, ntfy.estrogen.zone - ┃ - yuridick.gay, n.yuridick.gay + ┃ - yuridick.gay (incl. subdomains) ┃ ┃ Without a valid kyun canary, this canary's validity is void. ┃ + ┃╌╌╌╌ mvps ╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌ + ┃ + ┃ Certain services are provided via mvps. They do not have a warrant canary + ┃ yet. + ┃ + ┃ These services are: + ┃ - nandcat.estrogen.zone + ┃ - estrogen.zone static sites (estrogen.zone, feishin.estrogen.zone, static.estrogen.zone) + ┃ - estrogen.zone matrix + ┃ - v4.estrogen.zone, v6.estrogen.zone + ┃ - mail.estrogen.zone, mta-sts.estrogen.zone, mta-sts.neobot.systems + ┃ - ntfy.estrogen.zone + ┃ - git.estrogen.zone + ┃ - load.femboy.cafe + ┃ + ┃ For these services, you need to have trust in mvps. + ┃ + ┃ Some of these services (namely Matrix, and for e2ee mails E-Mail) do + ┃ cryptography to guarantee security even in the event of a host compromise. + ┃ + ┃ For mail.estrogen.zone, at-rest GPG encryption for incoming mails can be + ┃ enabled, as to ensure emails are secure if the host was not compromised + ┃ at the time of receiving the emails. + ┃ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄ ┏━ Canary Deadline ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄ @@ -137,7 +167,7 @@ ┃ If you wish to use this canary, or one derived thereof, for your own ┃ services, you must comply with the licencse below (SPDX: BSD-3-Clause): ┃ - ┃ Copyright 2024 memdmp + ┃ Copyright 2024-2026 memdmp ┃ ┃ Redistribution and use in source and binary forms, with or without ┃ modification, are permitted provided that the following conditions |