| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA256 |
| 3 |
|
| 4 |
On 08/01/2011 05:51 PM, Patrick Lauer wrote: |
| 5 |
> On 07/29/11 19:55, Fabian Groffen wrote: |
| 6 |
>> With a bit more than a week ahead of us for the next council meeting, |
| 7 |
>> I'd like to start preparing the agenda, given that current practice |
| 8 |
>> still is to send it out a week in advance. |
| 9 |
> |
| 10 |
> A small thing which I've brought up for discussion twice (and both times |
| 11 |
> it was mostly ignored), but which I'd really like to see discussed or |
| 12 |
> even agreed on: |
| 13 |
> |
| 14 |
> A simple policy making signed commits mandatory, plus a simple policy on |
| 15 |
> key length, permissible encryption/signature algorithms, and a |
| 16 |
> well-defined place where (public) keys are made available for verifying |
| 17 |
> and checking the validity of the signatures. |
| 18 |
> |
| 19 |
> |
| 20 |
|
| 21 |
IMHO: |
| 22 |
Key Length: 2048 |
| 23 |
Enc/Sig: RSA Signatures, sha256 hashes |
| 24 |
Last part: Still working on that. |
| 25 |
|
| 26 |
Which reminds me, I need to get moving on that. I've been swamped at |
| 27 |
work for the past couple weeks, so I've been scarce. More on all of this |
| 28 |
soon hopefully. |
| 29 |
|
| 30 |
> It would greatly improve the current status quo and remove any ambiguity |
| 31 |
> which might motivate people to use a 4-bit key for signing to be within |
| 32 |
> the letter of the law. |
| 33 |
> |
| 34 |
> |
| 35 |
> Thanks, |
| 36 |
> |
| 37 |
> Patrick |
| 38 |
> |
| 39 |
|
| 40 |
Regards, |
| 41 |
- -- |
| 42 |
Dane Smith (c1pher) |
| 43 |
Gentoo Linux Developer -- QA / Crypto / Sunrise / x86 |
| 44 |
RSA Key: http://pgp.mit.edu:11371/pks/lookup?search=0x0C2E1531&op=index |
| 45 |
-----BEGIN PGP SIGNATURE----- |
| 46 |
Version: GnuPG v2.0.17 (GNU/Linux) |
| 47 |
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ |
| 48 |
|
| 49 |
iQIcBAEBCAAGBQJOOp2bAAoJEEsurZwMLhUx59AP/j30kq84rvYqdY/wX5jB5aTI |
| 50 |
EIZ5hzu4C+/Vug3GdBiYi/OJ8uupY/fx1BobVtfsNl0+xO0bVd7puwzet38nfCHi |
| 51 |
hpKFc0aSUaBv3iBFEBTg5X5ijLLT4YzjNDTbA6RdJDKlJqpr/n1fg7P/UY4CmrqH |
| 52 |
d7mJLUBmzjt6M+BqI/5HsCoRGvL7SPFNZDQFqnT1XvfZ9dWiM7R+OG3Z8rMa+TBh |
| 53 |
kjwE9GR6ABE3RtcLIGbNFNfzAerKTSn1IBzxNVw7K+slInl3PRxrQruyYyffgDk/ |
| 54 |
cpBtn2zbNuqyo2dHBq/Hp8kkJr0ksr5jnevAO973lgq2StuHIxwYQxaY57KV1Rhp |
| 55 |
inYUJGx+ayqSvqZr/8ZEof3QTfNdxhHz8cCCqRx3puNwRRMVSJiuBuriE+u3YYs2 |
| 56 |
Z0WPnxQjRL7/Z88EaSVdgBGIu/oxWjJIToozDk4Mk/A6S24sP84PtUVAO2RAvxfi |
| 57 |
1d40IdIlB6hKtEyh0Qdyt4pYRPJDkIonITexUvgQlCORrUh7yYoJ2rX4h7gxyMcG |
| 58 |
Bl8M9ZjDtzU84ndotV4hMX3E7QwrT6mGfEzO+FiGVCMFucqDo8xRa7NBPkwpoXzP |
| 59 |
16OLooJLBxoUK0Tqde6de2K6zXOBfan47zvyxz/7uLiCf1FEeh8hdwp7uvr1cCHZ |
| 60 |
jQE0VuCmI1L12dbyvAVq |
| 61 |
=zyVH |
| 62 |
-----END PGP SIGNATURE----- |
Archives