Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-project
Navigation:
Lists: gentoo-project: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-project@g.o
From: "Aaron W. Swenson" <titanofold@g.o>
Subject: Re: Preparations Council meeting 2011-08-09
Date: Mon, 01 Aug 2011 18:57:23 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 08/01/2011 05:51 PM, Patrick Lauer wrote:
> On 07/29/11 19:55, Fabian Groffen wrote:
>> With a bit more than a week ahead of us for the next council
>> meeting, I'd like to start preparing the agenda, given that current
>> practice still is to send it out a week in advance.
> 
> A small thing which I've brought up for discussion twice (and both
> times it was mostly ignored), but which I'd really like to see
> discussed or even agreed on:
> 
> A simple policy making signed commits mandatory, plus a simple policy
> on key length, permissible encryption/signature algorithms, and a 
> well-defined place where (public) keys are made available for
> verifying and checking the validity of the signatures.
> 
> 
> It would greatly improve the current status quo and remove any
> ambiguity which might motivate people to use a 4-bit key for signing
> to be within the letter of the law.
> 
> 
> Thanks,
> 
> Patrick
> 

I second this.

The Developer's Handbook specifies[1] that a DSA key with a minimum 1024
bit length is required, but not whether 'DSA and Elgamal' or 'DSA (sign
only)' should be used, and it does not specify to which key server the
key must be submitted.

Inquiring minds need to know.

- - Aaron

[1] http://www.gentoo.org/proj/en/devrel/handbook/handbook.xml?part=2&chap=6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAk43L1MACgkQCOhwUhu5AEkRIQD9EEn6+lXi5CHmqxLh0ltCQY41
w9Kh+Ck2KOnH+QDPUvMA/2gL13ROr6fZDgyufKrS6yCA4LFxkigs2d0hAkw9V6ce
=Tm3U
-----END PGP SIGNATURE-----


References:
Preparations Council meeting 2011-08-09
-- Fabian Groffen
Re: Preparations Council meeting 2011-08-09
-- Patrick Lauer
Navigation:
Lists: gentoo-project: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Preparations Council meeting 2011-08-09
Next by thread:
Re: Preparations Council meeting 2011-08-09
Previous by date:
Re: Preparations Council meeting 2011-08-09
Next by date:
Re: Re: reopening gentoo-council


Updated May 26, 2012

Summary: Archive of the gentoo-project mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.