Gentoo Archives: gentoo-dev

From: Patrick Lauer <patrick@g.o>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] Re: [gentoo-dev-announce] PORTAGE_GPG_KEY strictness
Date: Wed, 17 Oct 2012 01:25:27
Message-Id: 507E0A4F.3050303@gentoo.org
1 On 10/17/12 06:54, Robin H. Johnson wrote:
2 > Hi all,
3 >
4 > One of the items that has come up in the Git conversion, and needs some
5 > attention.
6 >
7 [snip]
8 >
9 > As such, we've decided to make the PORTAGE_GPG_KEY strictly enforce what
10 > was originally intended.
11 >
12 > - You must specify a key or subkey exactly.
13 > - The leading "0x" is optional.
14 > - If you want to use a subkey, per the PGP specifications, you must
15 > suffix your keyid with "!".
16 > - Your keyid is exactly: 8, 16, 24, 32 xor 40 hexdigits long.
17
18 That's nice. Can we also add some basic policies on key format (key
19 length, validity) and get a centrally-hosted keyring?
20
21 Then it'd even make sense for us to start using the whole signing thing
22 now :)
23
24
25 Thanks,
26
27 Patrick

Replies