1 files changed, 146 insertions, 0 deletions

diff --git a/canary-templates/memdmp:estrogen.zone b/canary-templates/memdmp:estrogen.zone
new file mode 100644
index 0000000..7a3a11b
--- /dev/null
+++ b/canary-templates/memdmp:estrogen.zone
@@ -0,0 +1,146 @@
+ ┏━ Date & Time Information ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+ ┃   
+ ┃   Canary was created at:
+ ┃   [PRESENT_DAY] [PRESENT_TIME] (UTC)
+ ┃   
+ ┣━ Proof of Date & Time ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+ ┃   
+ ┃   Latest Monero block hash:
+ ┃   [MONERO_HASH]
+ ┃   
+ ┃   Latest Linux kernel.org `master` commit:
+ ┃   [LINUX_KERNEL_COMMIT]
+ ┃   
+ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+
+ ┏━ Law Enforcement Requests ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+ ┃   
+ ┃   Assuming this message is up-to-date, has a valid signature signed with the
+ ┃   correct key, this message certifies that, to the extent of memdmp's knowledge,
+ ┃   estrogen.zone and it's operators and administrators have, for...
+ ┃   
+ ┃   ...sh.estrogen.zone (and mem.estrogen.zone, mail.estrogen.zone):
+ ┃   - obtained 0 law enforcement request(s) for customer/user data, of which,
+ ┃   - obtained 0 were legally valid, sent in the correct channels, and resulted
+ ┃       in data being turned over
+ ┃   - never installed any law enforcement software or equipment anywhere on the
+ ┃       systems' networks
+ ┃   
+ ┃   ...yuridick.gay (including n.yuridick.gay):
+ ┃   - obtained 0 law enforcement request(s) for customer/user data, of which,
+ ┃   - obtained 0 were legally valid, sent in the correct channels, and resulted
+ ┃       in data being turned over
+ ┃   - never installed any law enforcement software or equipment anywhere on the
+ ┃       systems' networks
+ ┃   
+ ┃   Note that, however, if another operator of the aforementioned system(s)
+ ┃   has the ability to compromise the privacy of said infrastructure, and may
+ ┃   be prevented from communicating said information internally, you may need
+ ┃   to check their canaries.
+ ┃   
+ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+
+ ┏━ Compromising Systems ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+ ┃   
+ ┃   estrogen.zone and its operators have never weakened, compromised, or
+ ┃   subverted any of its software or hardware at the request of law
+ ┃   enforcement or another third party.
+ ┃   
+ ┃   Note that, however, if another operator of the aforementioned system(s)
+ ┃   has the ability to compromise said infrastructure, and may be prevented
+ ┃   from communicating said information internally, you may need to check
+ ┃   their canaries.
+ ┃   
+ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+
+ ┏━ External Providers ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+ ┃   
+ ┃   Certain services are provided via kyun, which's canary can be found at
+ ┃   https://files.kyun.host/canary.txt and must be signed by
+ ┃   120F C25E 2A9A 3F47 84AC 6B0E A0B5 22B4 DA20 1019.
+ ┃   
+ ┃   These services are:
+ ┃   - sh.estrogen.zone, mem.estrogen.zone, mail.estrogen.zone
+ ┃   - yuridick.gay, n.yuridick.gay
+ ┃   
+ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+
+ ┏━ Canary Deadline ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+ ┃   
+ ┃   This message should be updated within 7 days, and must be updated within 14.
+ ┃   This canary expires 14 days (336 hours; 20160 minutes) after publishing,
+ ┃   where the time of publishing is defined as the lowest one of:
+ ┃   - The date & time at the top of the canary
+ ┃   - The creation time of the monero hash at the top of this canary
+ ┃       (https://localmonero.co/blocks/block/ebbd7e0278800501b5092332ae2b0b38c1058e88a41155f21dcaf9147c8a86c1)
+ ┃   - The creation time of the linux kernel commit at the top of this canary
+ ┃       (https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=28eb75e178d389d325f1666e422bc13bbbb9804c)
+ ┃   
+ ┃   If the date & time are wildly out of line, or are outside of the key
+ ┃   signing this file's validity range, this canary is to be discarded.
+ ┃   
+ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+
+ ┏━ Signing Keys ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+ ┃   
+ ┃   Assuming you know this message is valid and has not been tampered with,
+ ┃   you can ensure future canaries are trustworthy by validating them against
+ ┃   the key with the fingerprint:
+ ┃   > B546 778F 06BB CC8E C167 DB3C D919 7064 87B8 B6DE
+ ┃   
+ ┃   The public key to verify this message's signature is available at:
+ ┃   https://mem.estrogen.zone/keys/memdmp/primary.pgp
+ ┃   https://meta.sh.estrogen.zone/~memdmp.pgp (one of them should be the right one)
+ ┃   https://pgp.surf.nl/pks/lookup?op=get&search=0xB546778F06BBCC8EC167DB3CD919706487B8B6DE
+ ┃   https://keys.openpgp.org/vks/v1/by-fingerprint/B546778F06BBCC8EC167DB3CD919706487B8B6DE
+ ┃   https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xB546778F06BBCC8EC167DB3CD919706487B8B6DE
+ ┃   
+ ┃   You should ensure that the fingerprint above matches the well-known one
+ ┃   for the signer, via external sources, such as recordings of talks, at
+ ┃   events, or other people signing their key.
+ ┃   
+ ┃   Any new keys, both temporary and permanent, for signing this document,
+ ┃   must be mentioned atleast ten days before said new keys are valid, and
+ ┃   must be signed by a known-good key.
+ ┃   Both keys must not be expired or revoked as of this new key being added,
+ ┃   and as of it being used to sign new canaries.
+ ┃   
+ ┃   Any canaries not signed by known good keys must be treated as invalid.
+ ┃   
+ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+
+ ┏━ Licensing ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
+ ┃   
+ ┃   If you wish to use this canary, or one derived thereof, for your own
+ ┃   services, you must comply with the licencse below (SPDX: BSD-3-Clause):
+ ┃   
+ ┃   Copyright 2024 memdmp
+ ┃   
+ ┃   Redistribution and use in source and binary forms, with or without
+ ┃   modification, are permitted provided that the following conditions
+ ┃   are met:
+ ┃   
+ ┃   1. Redistributions of source material must retain the above copyright
+ ┃        notice, this list of conditions and the following disclaimer.
+ ┃   2. Redistributions in preprocessed/binary form must reproduce the
+ ┃        above copyright notice, this list of conditions and the following
+ ┃        disclaimer in the documentation and/or other materials provided
+ ┃        with the distribution.
+ ┃   3. Neither the name of the copyright holder nor the names of its
+ ┃        contributors may be used to endorse or promote products derived
+ ┃        from this material without specific prior written permission.
+ ┃   
+ ┃   THIS MATERIAL IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ┃   “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ ┃   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ ┃   FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ ┃   COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ ┃   INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ ┃   BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ ┃   LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ ┃   CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ ┃   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ ┃   ANY WAY OUT OF THE USE OF THIS MATERIAL, EVEN IF ADVISED OF THE
+ ┃   POSSIBILITY OF SUCH DAMAGE.
+ ┃   
+ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄