1 |
On Sun, 11 Jan 2015 12:06:18 -0500 |
2 |
Rich Freeman <rich0@g.o> wrote: |
3 |
|
4 |
> On Sun, Jan 11, 2015 at 11:43 AM, Brian Dolbec <dolsen@g.o> |
5 |
> wrote: |
6 |
> > Of the remaining devs, only 16 keys total pass the GLEP 63 |
7 |
> > requirements. More info can be found in the First-Use wiki page |
8 |
> > [4] |
9 |
> |
10 |
> If you just create a gpg key with 5yr expiry and otherwise-default |
11 |
> options, typing a larger number into the keysize prompt, do you get a |
12 |
> compliant key? The guides talk about editing your gpg.conf, and it |
13 |
> looks like the tool does it for you, but is any of that necessary to |
14 |
> generate a compliant key? I'd prefer raw gpg commands and not a |
15 |
> script that automates everything. |
16 |
> |
17 |
> Would this work: |
18 |
> gpg --gen-key |
19 |
> option 2 - DSA and Elgamal |
20 |
> size 3072 (the max) |
21 |
> expires 5y |
22 |
> Enter your name, email, and passphrase. |
23 |
> |
24 |
> I've been putting off generating a new key until this all settles |
25 |
> down, and would prefer to mess with it as infrequently as possible. |
26 |
> Most likely I'll just switch to Gentoo-dedicated key for the tree. |
27 |
> |
28 |
|
29 |
Wait for Kristian to reply about the algorythm choice. |
30 |
|
31 |
But for the rest, yes, you don't need gkeys to create your key, It is |
32 |
just most people seem to know little about using gpg, so creating the |
33 |
template where you just filled out name, email, password, makes it easy. |
34 |
|
35 |
From the above, it looks like you also need to create a signing subkey |
36 |
with a preferred 1 yr. expiry. But it can be 5 years max. too. You |
37 |
may also want to add an encryption subkey for encrypted email and such. |
38 |
|
39 |
I added a little more info to the First-Use wiki page, I included a |
40 |
link to a great webpage about setting up gpg keys. |
41 |
|
42 |
https://alexcabal.com/creating-the-perfect-gpg-keypair/ |
43 |
|
44 |
there are lots more, but I like that one, it is clear, concise,... |
45 |
|
46 |
-- |
47 |
Brian Dolbec <dolsen> |