List Archive: gentoo-project
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
-----BEGIN PGP SIGNED MESSAGE-----
On 08/01/2011 05:51 PM, Patrick Lauer wrote:
> On 07/29/11 19:55, Fabian Groffen wrote:
>> With a bit more than a week ahead of us for the next council meeting,
>> I'd like to start preparing the agenda, given that current practice
>> still is to send it out a week in advance.
> A small thing which I've brought up for discussion twice (and both times
> it was mostly ignored), but which I'd really like to see discussed or
> even agreed on:
> A simple policy making signed commits mandatory, plus a simple policy on
> key length, permissible encryption/signature algorithms, and a
> well-defined place where (public) keys are made available for verifying
> and checking the validity of the signatures.
Key Length: 2048
Enc/Sig: RSA Signatures, sha256 hashes
Last part: Still working on that.
Which reminds me, I need to get moving on that. I've been swamped at
work for the past couple weeks, so I've been scarce. More on all of this
> It would greatly improve the current status quo and remove any ambiguity
> which might motivate people to use a 4-bit key for signing to be within
> the letter of the law.
Dane Smith (c1pher)
Gentoo Linux Developer -- QA / Crypto / Sunrise / x86
RSA Key: http://pgp.mit.edu:11371/pks/lookup?search=0x0C2E1531&op=index
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----