List Archive: gentoo-project
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On 16:33 Thu 04 Aug , Patrick Lauer wrote:
> On 08/04/11 15:24, Dane Smith wrote:
> >> A small thing which I've brought up for discussion twice (and both times
> >> it was mostly ignored), but which I'd really like to see discussed or
> >> even agreed on:
> >> A simple policy making signed commits mandatory, plus a simple policy on
> >> key length, permissible encryption/signature algorithms, and a
> >> well-defined place where (public) keys are made available for verifying
> >> and checking the validity of the signatures.
> > IMHO:
> > Key Length: 2048
> > Enc/Sig: RSA Signatures, sha256 hashes
> As a first iteration I think this is "good enough", we can still discuss
> the finer details (but I think that'll mostly be bikeshedding and should
> not stop us now from defining an initial standard)
I'm happy to vote on a standard whenever you experts can come up with a
concrete set of requirements to propose.
Council Member / Sr. Developer