[gentoo-commits] proj/api:master commit in: files/gentoo-keys/specs/ - gentoo-commits

From:	Pavlos Ratis <dastergon@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/api:master commit in: files/gentoo-keys/specs/
Date:	Thu, 27 Nov 2014 11:39:38
Message-Id:	`1417088274.be03b7085d02d1b4491ebb0c529830677f70bad4.dastergon@gentoo`

1

commit:     be03b7085d02d1b4491ebb0c529830677f70bad4

2

Author:     Pavlos Ratis <dastergon <AT> gentoo <DOT> org>

3

AuthorDate: Thu Nov 27 11:37:05 2014 +0000

4

Commit:     Pavlos Ratis <dastergon <AT> gentoo <DOT> org>

5

CommitDate: Thu Nov 27 11:37:54 2014 +0000

6

URL:        http://sources.gentoo.org/gitweb/?p=proj/api.git;a=commit;h=be03b708

7

8

add glep63 spec files

9

10

Signed-off-by: Pavlos Ratis <dastergon <AT> gentoo.org>

11

12

---

13

 files/gentoo-keys/specs/glep63-gpg-conf.skel     |  44 +++++++++++++++++++++++

14

 files/gentoo-keys/specs/glep63-gpg-conf.skel.sig | Bin 0 -> 639 bytes

15

 files/gentoo-keys/specs/glep63.spec              |  13 +++++++

16

 files/gentoo-keys/specs/glep63.spec.sig          | Bin 0 -> 639 bytes

17

 4 files changed, 57 insertions(+)

18

19

diff --git a/files/gentoo-keys/specs/glep63-gpg-conf.skel b/files/gentoo-keys/specs/glep63-gpg-conf.skel

20

new file mode 100644

21

index 0000000..73e8708

22

--- /dev/null

23

+++ b/files/gentoo-keys/specs/glep63-gpg-conf.skel

24

@@ -0,0 +1,44 @@

25

+#################################################

26

+# GLEP 63 specifications for OpenPGP key creation

27

+#################################################

28

+

29

+# Keyserver

30

+keyserver pool.sks-keyservers.net

31

+

32

+emit-version

33

+

34

+default-recipient-self

35

+

36

+# -- All of the below portion from the RiseUp.net OpenPGP best practices, and

37

+# -- many of them are also in the Debian GPG documentation.

38

+

39

+# when outputting certificates, view user IDs distinctly from keys:

40

+fixed-list-mode

41

+

42

+# Long keyids are more collision-resistant than short keyids (it's trivial to make a key

43

+# with any desired short keyid)

44

+# NOTE: this breaks KMail GnuPG support!

45

+keyid-format 0xlong

46

+

47

+# When multiple digests are supported by all recipients, choose the strongest one:

48

+personal-digest-preferences SHA512 SHA384 SHA256 SHA224

49

+

50

+# Preferences chosen for new keys should prioritize stronger algorithms: 

51

+default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed

52

+

53

+# If you use a graphical environment (and even if you don't) you should be using an agent:

54

+# (similar arguments as  https://www.debian-administration.org/users/dkg/weblog/64)

55

+use-agent

56

+

57

+# You should always know at a glance which User IDs gpg thinks are legitimately bound to 

58

+# the keys in your keyring:

59

+verify-options show-uid-validity

60

+list-options show-uid-validity

61

+

62

+# Include an unambiguous indicator of which key made a signature:

63

+# (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234)

64

+# (and http://www.ietf.org/mail-archive/web/openpgp/current/msg00405.html)

65

+sig-notation issuer-fpr@×××××××××××××××××××××××××××××××.net=%g

66

+

67

+# When making an OpenPGP certification, use a stronger digest than the default SHA1:

68

+cert-digest-algo SHA256

69

70

diff --git a/files/gentoo-keys/specs/glep63-gpg-conf.skel.sig b/files/gentoo-keys/specs/glep63-gpg-conf.skel.sig

71

new file mode 100644

72

index 0000000..493a5d7

73

Binary files /dev/null and b/files/gentoo-keys/specs/glep63-gpg-conf.skel.sig differ

74

75

diff --git a/files/gentoo-keys/specs/glep63.spec b/files/gentoo-keys/specs/glep63.spec

76

new file mode 100644

77

index 0000000..2b4fc45

78

--- /dev/null

79

+++ b/files/gentoo-keys/specs/glep63.spec

80

@@ -0,0 +1,13 @@

81

+<GnupgKeyParms format="internal">

82

+    Key-Type: RSA

83

+    Key-Length: 4096

84

+    Expire-Date: 36m

85

+    Key-Usage: ,

86

+    Subkey-Type: RSA

87

+    Subkey-Length: 4096

88

+    Subkey-Usage: sign

89

+    Name-Real: {0}

90

+    Name-Email: {1}

91

+    %ask-passphrase

92

+</GnupgKeyParms>

93

+

94

95

diff --git a/files/gentoo-keys/specs/glep63.spec.sig b/files/gentoo-keys/specs/glep63.spec.sig

96

new file mode 100644

97

index 0000000..82b8b8f

98

Binary files /dev/null and b/files/gentoo-keys/specs/glep63.spec.sig differ

1	commit: be03b7085d02d1b4491ebb0c529830677f70bad4
2	Author: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
3	AuthorDate: Thu Nov 27 11:37:05 2014 +0000
4	Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
5	CommitDate: Thu Nov 27 11:37:54 2014 +0000
6	URL: http://sources.gentoo.org/gitweb/?p=proj/api.git;a=commit;h=be03b708
7
8	add glep63 spec files
9
10	Signed-off-by: Pavlos Ratis <dastergon <AT> gentoo.org>
11
12	---
13	files/gentoo-keys/specs/glep63-gpg-conf.skel \| 44 +++++++++++++++++++++++
14	files/gentoo-keys/specs/glep63-gpg-conf.skel.sig \| Bin 0 -> 639 bytes
15	files/gentoo-keys/specs/glep63.spec \| 13 +++++++
16	files/gentoo-keys/specs/glep63.spec.sig \| Bin 0 -> 639 bytes
17	4 files changed, 57 insertions(+)
18
19	diff --git a/files/gentoo-keys/specs/glep63-gpg-conf.skel b/files/gentoo-keys/specs/glep63-gpg-conf.skel
20	new file mode 100644
21	index 0000000..73e8708
22	--- /dev/null
23	+++ b/files/gentoo-keys/specs/glep63-gpg-conf.skel
24	@@ -0,0 +1,44 @@
25	+#################################################
26	+# GLEP 63 specifications for OpenPGP key creation
27	+#################################################
28	+
29	+# Keyserver
30	+keyserver pool.sks-keyservers.net
31	+
32	+emit-version
33	+
34	+default-recipient-self
35	+
36	+# -- All of the below portion from the RiseUp.net OpenPGP best practices, and
37	+# -- many of them are also in the Debian GPG documentation.
38	+
39	+# when outputting certificates, view user IDs distinctly from keys:
40	+fixed-list-mode
41	+
42	+# Long keyids are more collision-resistant than short keyids (it's trivial to make a key
43	+# with any desired short keyid)
44	+# NOTE: this breaks KMail GnuPG support!
45	+keyid-format 0xlong
46	+
47	+# When multiple digests are supported by all recipients, choose the strongest one:
48	+personal-digest-preferences SHA512 SHA384 SHA256 SHA224
49	+
50	+# Preferences chosen for new keys should prioritize stronger algorithms:
51	+default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed
52	+
53	+# If you use a graphical environment (and even if you don't) you should be using an agent:
54	+# (similar arguments as https://www.debian-administration.org/users/dkg/weblog/64)
55	+use-agent
56	+
57	+# You should always know at a glance which User IDs gpg thinks are legitimately bound to
58	+# the keys in your keyring:
59	+verify-options show-uid-validity
60	+list-options show-uid-validity
61	+
62	+# Include an unambiguous indicator of which key made a signature:
63	+# (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234)
64	+# (and http://www.ietf.org/mail-archive/web/openpgp/current/msg00405.html)
65	+sig-notation issuer-fpr@×××××××××××××××××××××××××××××××.net=%g
66	+
67	+# When making an OpenPGP certification, use a stronger digest than the default SHA1:
68	+cert-digest-algo SHA256
69
70	diff --git a/files/gentoo-keys/specs/glep63-gpg-conf.skel.sig b/files/gentoo-keys/specs/glep63-gpg-conf.skel.sig
71	new file mode 100644
72	index 0000000..493a5d7
73	Binary files /dev/null and b/files/gentoo-keys/specs/glep63-gpg-conf.skel.sig differ
74
75	diff --git a/files/gentoo-keys/specs/glep63.spec b/files/gentoo-keys/specs/glep63.spec
76	new file mode 100644
77	index 0000000..2b4fc45
78	--- /dev/null
79	+++ b/files/gentoo-keys/specs/glep63.spec
80	@@ -0,0 +1,13 @@
81	+<GnupgKeyParms format="internal">
82	+ Key-Type: RSA
83	+ Key-Length: 4096
84	+ Expire-Date: 36m
85	+ Key-Usage: ,
86	+ Subkey-Type: RSA
87	+ Subkey-Length: 4096
88	+ Subkey-Usage: sign
89	+ Name-Real: {0}
90	+ Name-Email: {1}
91	+ %ask-passphrase
92	+</GnupgKeyParms>
93	+
94
95	diff --git a/files/gentoo-keys/specs/glep63.spec.sig b/files/gentoo-keys/specs/glep63.spec.sig
96	new file mode 100644
97	index 0000000..82b8b8f
98	Binary files /dev/null and b/files/gentoo-keys/specs/glep63.spec.sig differ

Gentoo Archives: gentoo-commits