Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 08/01/2011 05:51 PM, Patrick Lauer wrote:
> On 07/29/11 19:55, Fabian Groffen wrote:
>> With a bit more than a week ahead of us for the next council meeting,
>> I'd like to start preparing the agenda, given that current practice
>> still is to send it out a week in advance.
>
> A small thing which I've brought up for discussion twice (and both times
> it was mostly ignored), but which I'd really like to see discussed or
> even agreed on:
>
> A simple policy making signed commits mandatory, plus a simple policy on
> key length, permissible encryption/signature algorithms, and a
> well-defined place where (public) keys are made available for verifying
> and checking the validity of the signatures.
>
>
IMHO:
Key Length: 2048
Enc/Sig: RSA Signatures, sha256 hashes
Last part: Still working on that.
Which reminds me, I need to get moving on that. I've been swamped at
work for the past couple weeks, so I've been scarce. More on all of this
soon hopefully.
> It would greatly improve the current status quo and remove any ambiguity
> which might motivate people to use a 4-bit key for signing to be within
> the letter of the law.
>
>
> Thanks,
>
> Patrick
>
Regards,
- --
Dane Smith (c1pher)
Gentoo Linux Developer -- QA / Crypto / Sunrise / x86
RSA Key: http://pgp.mit.edu:11371/pks/lookup?search=0x0C2E1531&op=index
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJOOp2bAAoJEEsurZwMLhUx59AP/j30kq84rvYqdY/wX5jB5aTI
EIZ5hzu4C+/Vug3GdBiYi/OJ8uupY/fx1BobVtfsNl0+xO0bVd7puwzet38nfCHi
hpKFc0aSUaBv3iBFEBTg5X5ijLLT4YzjNDTbA6RdJDKlJqpr/n1fg7P/UY4CmrqH
d7mJLUBmzjt6M+BqI/5HsCoRGvL7SPFNZDQFqnT1XvfZ9dWiM7R+OG3Z8rMa+TBh
kjwE9GR6ABE3RtcLIGbNFNfzAerKTSn1IBzxNVw7K+slInl3PRxrQruyYyffgDk/
cpBtn2zbNuqyo2dHBq/Hp8kkJr0ksr5jnevAO973lgq2StuHIxwYQxaY57KV1Rhp
inYUJGx+ayqSvqZr/8ZEof3QTfNdxhHz8cCCqRx3puNwRRMVSJiuBuriE+u3YYs2
Z0WPnxQjRL7/Z88EaSVdgBGIu/oxWjJIToozDk4Mk/A6S24sP84PtUVAO2RAvxfi
1d40IdIlB6hKtEyh0Qdyt4pYRPJDkIonITexUvgQlCORrUh7yYoJ2rX4h7gxyMcG
Bl8M9ZjDtzU84ndotV4hMX3E7QwrT6mGfEzO+FiGVCMFucqDo8xRa7NBPkwpoXzP
16OLooJLBxoUK0Tqde6de2K6zXOBfan47zvyxz/7uLiCf1FEeh8hdwp7uvr1cCHZ
jQE0VuCmI1L12dbyvAVq
=zyVH
-----END PGP SIGNATURE-----
|
|
