rsync.net Warrant Canary Existing and proposed laws, especially as relate to the US Patriot Act, etc., provide for secret warrants, searches and seizures of data, such as library records. Some such laws provide for criminal penalties for revealing the warrant, search or seizure, disallowing the disclosure of events that would materially affect the users of a service such as rsync.net. rsync.net and its principals and employees will in fact comply with such warrants and their provisions for secrecy. rsync.net will also make available, weekly, a "warrant canary" in the form of a cryptographically signed message containing the following: - a declaration that, up to that point, no warrants have been served, nor have any searches or seizures taken place - a cut and paste headline from a major news source, establishing date Special note should be taken if these messages ever cease being updated, or are removed from this page. The current message is here: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 2010-02-08 No warrants have ever been served to rsync.net, or rsync.net principals or employees. No searches or seizures of any kind have ever been performed on rsync.net assets, including: ALL San Diego locations ALL Denver locations ALL Zurich locations ALL Dubai locations ALL Tokyo locations (from www.NewYorkTimes.com) Damage From Blast Hinders Rescue Amid the twisted beams of the Connecticut power plant, officials suspended the search for survivors early Monday, fearing for the rescue workers. safety. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFLcEhSBzwoLX1vgGwRApaOAKCTnpdKwzXAO2qxHpcElX5w4CUW6QCfT55g p6o27XYsL6+4zzkXL5CPAH4= =Dh2y -----END PGP SIGNATURE----- The primary rsync.net public key is here: http://www.rsync.net/resources/pubkey.txt Notes: This scheme is not infallible. Although signing the declaration makes it impossible for a third party to produce arbitrary declarations, it does not prevent them from using force to coerce rsync.net to produce false declarations. The news clip in the signed message serves to demonstrate that that update could not have been created prior to that date. It shows that a series of these updates were not created in advance and posted on this page.