1 |
commit: aa9614eda3b220f93e50817d0f6d8e81d4795020 |
2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Jul 8 18:18:06 2018 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Jul 29 20:07:27 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/data/glep.git/commit/?id=aa9614ed |
7 |
|
8 |
glep-0063: Unify punctuation |
9 |
|
10 |
Requested-by: Ulrich Müller <ulm <AT> gentoo.org> |
11 |
|
12 |
glep-0063.rst | 22 +++++++++++----------- |
13 |
1 file changed, 11 insertions(+), 11 deletions(-) |
14 |
|
15 |
diff --git a/glep-0063.rst b/glep-0063.rst |
16 |
index ae36d36..c02b89e 100644 |
17 |
--- a/glep-0063.rst |
18 |
+++ b/glep-0063.rst |
19 |
@@ -83,19 +83,19 @@ not be used to commit. |
20 |
at least 256-bit. All subkey self-signatures must use this digest. |
21 |
|
22 |
2. Signing subkey that is different from the primary key, and does not |
23 |
- have any other capabilities enabled |
24 |
+ have any other capabilities enabled. |
25 |
|
26 |
3. Primary key and the signing subkey are both of type EITHER: |
27 |
|
28 |
- a. RSA, >=2048 bits (OpenPGP v4 key format or later only) |
29 |
+ a. RSA, >=2048 bits (OpenPGP v4 key format or later only), |
30 |
|
31 |
- b. ECC curve 25519 |
32 |
+ b. ECC curve 25519. |
33 |
|
34 |
4. Expiration date on key and all subkeys set to no more than 900 days |
35 |
- into the future |
36 |
+ into the future. |
37 |
|
38 |
5. Key expiration date renewed at least 2 weeks before the previous |
39 |
- expiration date |
40 |
+ expiration date. |
41 |
|
42 |
6. Upload your key to the SKS keyserver rotation before usage! |
43 |
|
44 |
@@ -107,9 +107,9 @@ technical reason not to (e.g. hardware limitations, necessity of replacing |
45 |
their primary key). |
46 |
|
47 |
1. Primary key and the signing subkey are both of type RSA, 2048 bits |
48 |
- (OpenPGP v4 key format or later) |
49 |
+ (OpenPGP v4 key format or later). |
50 |
|
51 |
-2. Key expiration renewed annually to a fixed day of the year |
52 |
+2. Key expiration renewed annually to a fixed day of the year. |
53 |
|
54 |
3. Create a revocation certificate & store it hardcopy offsite securely |
55 |
(it's about ~300 bytes). |
56 |
@@ -142,13 +142,13 @@ External documentation |
57 |
|
58 |
Much of the above was driven by the following: |
59 |
|
60 |
-* NIST SP 800-57 recommendations [#NISTSP800571]_, [#NISTSP800572]_ |
61 |
+* NIST SP 800-57 recommendations [#NISTSP800571]_, [#NISTSP800572]_, |
62 |
|
63 |
-* Debian GPG documentation [#DEBIANGPG]_ |
64 |
+* Debian GPG documentation [#DEBIANGPG]_, |
65 |
|
66 |
-* RiseUp.net OpenPGP best practices [#RISEUP]_ |
67 |
+* RiseUp.net OpenPGP best practices [#RISEUP]_, |
68 |
|
69 |
-* ENISA Algorithms, Key Sizes and Parameters Report 2013 [#ENISA2013]_ |
70 |
+* ENISA Algorithms, Key Sizes and Parameters Report 2013 [#ENISA2013]_. |
71 |
|
72 |
References |
73 |
========== |