Gentoo Archives: gentoo-dev

From: Rich Freeman <rich0@g.o>
To: gentoo-dev <gentoo-dev@l.g.o>
Cc: "Michał Górny" <mgorny@g.o>
Subject: Re: [gentoo-dev] [PATCH] glep-0063: Require encryption subkey, and make primary certify-only
Date: Tue, 02 Apr 2019 14:03:19
Message-Id: CAGfcS_nxosqbmv+2XK_kyhdDezBFz4d+3ePYku8Zxv3aB+hc=w@mail.gmail.com
In Reply to: [gentoo-dev] [PATCH] glep-0063: Require encryption subkey, and make primary certify-only by "Michał Górny"
1 On Sun, Feb 24, 2019 at 3:35 AM Michał Górny <mgorny@g.o> wrote:
2 >
3 > Following the recent mailing list discussion indicating that developers
4 > are taking GLEP 63 as only source of truth about OpenPGP keys, and can
5 > make assumption that if encryption key is not listed there they should
6 > not have one. Amend the specification to extend it beyond the previous
7 > limited scope of commit signing, and require an encryption key
8 > appropriately. This matches the GnuPG defaults.
9
10 Does GLEP 63 actually match the gpg defaults? That is, if you
11 generate a gpg key and accept every default value will the key be
12 acceptable?
13
14 If not, could we get some updated documentation as to how to generate
15 a minimally compliant key, similar to:
16 https://www.gentoo.org/glep/glep-0063.html#bare-minimum-requirements
17
18 --
19 Rich

Replies