Gentoo Archives: gentoo-project

From: Patrick Lauer <patrick@g.o>
To: gentoo-project@l.g.o
Subject: Re: [gentoo-project] Preparations Council meeting 2011-08-09
Date: Thu, 04 Aug 2011 14:34:18
Message-Id: 4E3AADC7.9050901@gentoo.org
In Reply to: Re: [gentoo-project] Preparations Council meeting 2011-08-09 by Dane Smith
On 08/04/11 15:24, Dane Smith wrote:
>> A small thing which I've brought up for discussion twice (and both times
>> it was mostly ignored), but which I'd really like to see discussed or
>> even agreed on:
>>
>> A simple policy making signed commits mandatory, plus a simple policy on
>> key length, permissible encryption/signature algorithms, and a
>> well-defined place where (public) keys are made available for verifying
>> and checking the validity of the signatures.
>>
>>
>
> IMHO:
> Key Length: 2048
> Enc/Sig: RSA Signatures, sha256 hashes
As a first iteration I think this is "good enough", we can still discuss
the finer details (but I think that'll mostly be bikeshedding and should
not stop us now from defining an initial standard).

> Last part: Still working on that.

Can we store the keys in LDAP?
If yes it would be trivial to write a cute little script that just
generates a tarball of them all and puts it somewhere in the public webspace.

Replies

Subject Author
Re: [gentoo-project] Preparations Council meeting 2011-08-09 Donnie Berkholz <dberkholz@g.o>