On 08/04/11 15:24, Dane Smith wrote:
>> A small thing which I've brought up for discussion twice (and both times
>> it was mostly ignored), but which I'd really like to see discussed or
>> even agreed on:
>>
>> A simple policy making signed commits mandatory, plus a simple policy on
>> key length, permissible encryption/signature algorithms, and a
>> well-defined place where (public) keys are made available for verifying
>> and checking the validity of the signatures.
>>
>>
>
> IMHO:
> Key Length: 2048
> Enc/Sig: RSA Signatures, sha256 hashes
As a first iteration I think this is "good enough"; we can still discuss
the finer details (but I think that'll mostly be bikeshedding and should
not stop us now from defining an initial standard).

> Last part: Still working on that.

Can we store the keys in LDAP?
If yes, it would be trivial to write a cute little script that just
generates a tarball of them all and puts it somewhere in the public webspace.
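The key-policy check and the "tarball of all keys" script discussed in this message, as an added example that is not code from the thread or from the project. It parses the primary public-key packet of each OpenPGP key (RFC 4880 packet framing, old- and new-format headers) to read the algorithm and key size, rejects anything that is not an RSA signing key of at least 2048 bits, and packs the compliant keys into a tar.gz. The LDAP export is assumed and stands in as a list of (uid, key_blob) pairs; the keys are constructed in-line with filler moduli so the script runs offline, and they are not usable keys. The sha256 half of the proposed policy is a property of each signature (the digest algorithm GnuPG uses when signing), not of the key, so it is not something this key check can enforce.

```python
"""Added example, not from the thread: check OpenPGP public keys against the
proposed policy (RSA signing key, >= 2048 bits) and pack the compliant ones
into a tarball, as the message suggests doing for keys exported from LDAP.
The LDAP export is assumed and stands in as a list of (uid, key_blob) pairs."""

import io
import struct
import tarfile

ALGO_NAMES = {1: "RSA", 2: "RSA encrypt-only", 3: "RSA sign-only", 17: "DSA",
              18: "ECDH", 19: "ECDSA", 22: "EdDSA"}      # RFC 4880 algorithm IDs
POLICY_MIN_RSA_BITS = 2048
POLICY_SIGNING_ALGOS = {1, 3}                             # RSA variants that can sign


def _read_packet(data, offset=0):
    """Parse one packet header (RFC 4880 4.2, old and new format) at `offset`.
    Returns (tag, body_start, body_end)."""
    ctb = data[offset]
    if not ctb & 0x80:
        raise ValueError("not an OpenPGP packet")
    if ctb & 0x40:                                        # new-format header
        tag, first = ctb & 0x3F, data[offset + 1]
        if first < 192:
            length, hdr = first, 2
        elif first < 224:
            length, hdr = ((first - 192) << 8) + data[offset + 2] + 192, 3
        elif first == 255:
            length, hdr = struct.unpack(">I", data[offset + 2:offset + 6])[0], 6
        else:
            raise ValueError("partial body lengths not supported")
    else:                                                 # old-format header
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not supported")
        size = (1, 2, 4)[ltype]
        length = int.from_bytes(data[offset + 1:offset + 1 + size], "big")
        hdr = 1 + size
    return tag, offset + hdr, offset + hdr + length


def inspect_public_key(blob):
    """Return (algorithm_id, key_bits) of the primary key (first tag-6 packet).
    v4 keys only; key_bits is None for EC keys, whose first field is an OID."""
    offset = 0
    while offset < len(blob):
        tag, start, end = _read_packet(blob, offset)
        if tag == 6:
            body = blob[start:end]
            if body[0] != 4:
                raise ValueError("unsupported key version %d" % body[0])
            algo = body[5]                                # version(1) + ctime(4)
            bits = struct.unpack(">H", body[6:8])[0] if algo in (1, 2, 3, 17) else None
            return algo, bits
        offset = end
    raise ValueError("no public-key packet found")


def check_key_policy(blob):
    """Apply the proposed policy to one key. Returns (ok, reason)."""
    algo, bits = inspect_public_key(blob)
    name = ALGO_NAMES.get(algo, "algorithm %d" % algo)
    if algo not in POLICY_SIGNING_ALGOS:
        return False, "%s is not an RSA signing key" % name
    if bits < POLICY_MIN_RSA_BITS:
        return False, "%s key is %d bits, policy requires %d" % (name, bits, POLICY_MIN_RSA_BITS)
    return True, "%s %d bits" % (name, bits)


def build_key_tarball(entries):
    """Pack compliant keys into an in-memory .tar.gz, one member per uid.
    Returns (tar_bytes, rejected) with rejected mapping uid -> reason."""
    buf, rejected = io.BytesIO(), {}
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for uid, blob in entries:
            ok, reason = check_key_policy(blob)
            if not ok:
                rejected[uid] = reason
                continue
            info = tarfile.TarInfo(name="keys/%s.gpg" % uid)
            info.size = len(blob)
            tar.addfile(info, io.BytesIO(blob))
    return buf.getvalue(), rejected


def list_tarball(tar_bytes):
    """Member names of a tarball written by build_key_tarball."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        return tar.getnames()


def make_test_pubkey(algo, bits, old_format=False):
    """Constructed v4 public-key packet whose first MPI is `bits` bits (multiple
    of 8) of filler. Not a usable key. GnuPG writes tag-6 packets with
    old-format headers, hence the option."""
    body = b"\x04" + struct.pack(">I", 0) + bytes([algo])
    body += struct.pack(">H", bits) + b"\x80" + b"\x00" * (bits // 8 - 1)   # n or p
    if algo in (1, 2, 3):
        body += struct.pack(">H", 17) + b"\x01\x00\x01"                       # e = 65537
    n = len(body)
    if old_format:
        return bytes([0x80 | (6 << 2) | 1]) + struct.pack(">H", n) + body
    if n < 192:
        return bytes([0xC0 | 6, n]) + body
    return bytes([0xC0 | 6, ((n - 192) >> 8) + 192, (n - 192) & 0xFF]) + body
```

To use it against a real export, replace the constructed entries with the binary keys pulled from LDAP (for example `gpg --export --output` files, or the raw attribute value, one per uid) and write the returned bytes to the web-visible path; keys that fail the check end up in `rejected` with the reason, which is what a hook enforcing the policy would report back to the committer.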