1 |
commit: 796f258aac7e71263f62ba83535f6811a07fe51a |
2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Jul 4 11:31:15 2018 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Jul 29 20:07:25 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/data/glep.git/commit/?id=796f258a |
7 |
|
8 |
glep-0063: Split out the signing subkey into a separate point |
9 |
|
10 |
Reword the specification to express the requirement for separate signing |
11 |
subkey more verbosely. Replace the ambiguous term 'dedicated' with |
12 |
clear explanation that it needs to be different from the primary key |
13 |
and not used for other purposes. |
14 |
|
15 |
Suggested-by: Kristian Fiskerstrand <k_f <AT> gentoo.org> |
16 |
|
17 |
glep-0063.rst | 11 +++++++---- |
18 |
1 file changed, 7 insertions(+), 4 deletions(-) |
19 |
|
20 |
diff --git a/glep-0063.rst b/glep-0063.rst |
21 |
index 8542031..14541d7 100644 |
22 |
--- a/glep-0063.rst |
23 |
+++ b/glep-0063.rst |
24 |
@@ -46,15 +46,18 @@ Bare minimum requirements |
25 |
|
26 |
personal-digest-preferences SHA256 |
27 |
|
28 |
-2. Primary key and signing subkey of EITHER: |
29 |
+2. Signing subkey that is different from the primary key, and does not |
30 |
+ have any other capabilities enabled |
31 |
+ |
32 |
+3. Primary key and the signing subkey are both of type EITHER: |
33 |
|
34 |
a. DSA, 2048-bit |
35 |
|
36 |
b. RSA, >=2048 bits (OpenPGP v4 key format or later only) |
37 |
|
38 |
-3. Key expiry: 5 years maximum |
39 |
+4. Key expiry: 5 years maximum |
40 |
|
41 |
-4. Upload your key to the SKS keyserver rotation before usage! |
42 |
+5. Upload your key to the SKS keyserver rotation before usage! |
43 |
|
44 |
Recommendations |
45 |
--------------- |
46 |
@@ -106,7 +109,7 @@ Recommendations |
47 |
|
48 |
This may require creating an entirely new key. |
49 |
|
50 |
-3. Dedicated signing subkey of EITHER: |
51 |
+3. The signing subkey of EITHER: |
52 |
|
53 |
a. DSA 2048 bits exactly. |