Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-project
Navigation:
Lists: gentoo-project: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-project@g.o
From: Patrick Lauer <patrick@g.o>
Subject: Re: Preparations Council meeting 2011-08-09
Date: Thu, 04 Aug 2011 16:33:43 +0200
On 08/04/11 15:24, Dane Smith wrote:
>> A small thing which I've brought up for discussion twice (and both times
>> it was mostly ignored), but which I'd really like to see discussed or
>> even agreed on:
>>
>> A simple policy making signed commits mandatory, plus a simple policy on
>> key length, permissible encryption/signature algorithms, and a
>> well-defined place where (public) keys are made available for verifying
>> and checking the validity of the signatures.
>>
>>
> 
> IMHO:
> Key Length: 2048
> Enc/Sig: RSA Signatures, sha256 hashes
As a first iteration I think this is "good enough", we can still discuss
the finer details (but I think that'll mostly be bikeshedding and should
not stop us now from defining an initial standard)

> Last part: Still working on that.

Can we store the keys in LDAP ?
If yes it would be trivial to write a cute little script that just
generates a tarball of them all and put it somewhere in the public webspace.





Replies:
Re: Preparations Council meeting 2011-08-09
-- Donnie Berkholz
References:
Preparations Council meeting 2011-08-09
-- Fabian Groffen
Re: Preparations Council meeting 2011-08-09
-- Patrick Lauer
Re: Preparations Council meeting 2011-08-09
-- Dane Smith
Navigation:
Lists: gentoo-project: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Preparations Council meeting 2011-08-09
Next by thread:
Re: Preparations Council meeting 2011-08-09
Previous by date:
Re: Preparations Council meeting 2011-08-09
Next by date:
Re: Preparations Council meeting 2011-08-09


Updated Jul 05, 2012

Summary: Archive of the gentoo-project mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.