1 |
Requested-by: Ulrich Müller <ulm@g.o> |
2 |
--- |
3 |
glep-0063.rst | 22 +++++++++++----------- |
4 |
1 file changed, 11 insertions(+), 11 deletions(-) |
5 |
|
6 |
diff --git a/glep-0063.rst b/glep-0063.rst |
7 |
index ae36d36..c02b89e 100644 |
8 |
--- a/glep-0063.rst |
9 |
+++ b/glep-0063.rst |
10 |
@@ -83,19 +83,19 @@ not be used to commit. |
11 |
at least 256-bit. All subkey self-signatures must use this digest. |
12 |
|
13 |
2. Signing subkey that is different from the primary key, and does not |
14 |
- have any other capabilities enabled |
15 |
+ have any other capabilities enabled. |
16 |
|
17 |
3. Primary key and the signing subkey are both of type EITHER: |
18 |
|
19 |
- a. RSA, >=2048 bits (OpenPGP v4 key format or later only) |
20 |
+ a. RSA, >=2048 bits (OpenPGP v4 key format or later only), |
21 |
|
22 |
- b. ECC curve 25519 |
23 |
+ b. ECC curve 25519. |
24 |
|
25 |
4. Expiration date on key and all subkeys set to no more than 900 days |
26 |
- into the future |
27 |
+ into the future. |
28 |
|
29 |
5. Key expiration date renewed at least 2 weeks before the previous |
30 |
- expiration date |
31 |
+ expiration date. |
32 |
|
33 |
6. Upload your key to the SKS keyserver rotation before usage! |
34 |
|
35 |
@@ -107,9 +107,9 @@ technical reason not to (e.g. hardware limitations, necessity of replacing |
36 |
their primary key). |
37 |
|
38 |
1. Primary key and the signing subkey are both of type RSA, 2048 bits |
39 |
- (OpenPGP v4 key format or later) |
40 |
+ (OpenPGP v4 key format or later). |
41 |
|
42 |
-2. Key expiration renewed annually to a fixed day of the year |
43 |
+2. Key expiration renewed annually to a fixed day of the year. |
44 |
|
45 |
3. Create a revocation certificate & store it hardcopy offsite securely |
46 |
(it's about ~300 bytes). |
47 |
@@ -142,13 +142,13 @@ External documentation |
48 |
|
49 |
Much of the above was driven by the following: |
50 |
|
51 |
-* NIST SP 800-57 recommendations [#NISTSP800571]_, [#NISTSP800572]_ |
52 |
+* NIST SP 800-57 recommendations [#NISTSP800571]_, [#NISTSP800572]_, |
53 |
|
54 |
-* Debian GPG documentation [#DEBIANGPG]_ |
55 |
+* Debian GPG documentation [#DEBIANGPG]_, |
56 |
|
57 |
-* RiseUp.net OpenPGP best practices [#RISEUP]_ |
58 |
+* RiseUp.net OpenPGP best practices [#RISEUP]_, |
59 |
|
60 |
-* ENISA Algorithms, Key Sizes and Parameters Report 2013 [#ENISA2013]_ |
61 |
+* ENISA Algorithms, Key Sizes and Parameters Report 2013 [#ENISA2013]_. |
62 |
|
63 |
References |
64 |
========== |
65 |
-- |
66 |
2.18.0 |