Gentoo Archives: gentoo-project

From: Dane Smith <c1pher@g.o>
To: gentoo-project@l.g.o
Subject: Re: [gentoo-project] Preparations Council meeting 2011-08-09
Date: Thu, 04 Aug 2011 13:26:10
In Reply to: Re: [gentoo-project] Preparations Council meeting 2011-08-09 by Patrick Lauer
Hash: SHA256

On 08/01/2011 05:51 PM, Patrick Lauer wrote:
> On 07/29/11 19:55, Fabian Groffen wrote: >> With a bit more than a week ahead of us for the next council meeting, >> I'd like to start preparing the agenda, given that current practice >> still is to send it out a week in advance. > > A small thing which I've brought up for discussion twice (and both times > it was mostly ignored), but which I'd really like to see discussed or > even agreed on: > > A simple policy making signed commits mandatory, plus a simple policy on > key length, permissible encryption/signature algorithms, and a > well-defined place where (public) keys are made available for verifying > and checking the validity of the signatures. > >
IMHO: Key Length: 2048 Enc/Sig: RSA Signatures, sha256 hashes Last part: Still working on that. Which reminds me, I need to get moving on that. I've been swamped at work for the past couple weeks, so I've been scarce. More on all of this soon hopefully.
> It would greatly improve the current status quo and remove any ambiguity > which might motivate people to use a 4-bit key for signing to be within > the letter of the law. > > > Thanks, > > Patrick >
Regards, - -- Dane Smith (c1pher) Gentoo Linux Developer -- QA / Crypto / Sunrise / x86 RSA Key: -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - iQIcBAEBCAAGBQJOOp2bAAoJEEsurZwMLhUx59AP/j30kq84rvYqdY/wX5jB5aTI EIZ5hzu4C+/Vug3GdBiYi/OJ8uupY/fx1BobVtfsNl0+xO0bVd7puwzet38nfCHi hpKFc0aSUaBv3iBFEBTg5X5ijLLT4YzjNDTbA6RdJDKlJqpr/n1fg7P/UY4CmrqH d7mJLUBmzjt6M+BqI/5HsCoRGvL7SPFNZDQFqnT1XvfZ9dWiM7R+OG3Z8rMa+TBh kjwE9GR6ABE3RtcLIGbNFNfzAerKTSn1IBzxNVw7K+slInl3PRxrQruyYyffgDk/ cpBtn2zbNuqyo2dHBq/Hp8kkJr0ksr5jnevAO973lgq2StuHIxwYQxaY57KV1Rhp inYUJGx+ayqSvqZr/8ZEof3QTfNdxhHz8cCCqRx3puNwRRMVSJiuBuriE+u3YYs2 Z0WPnxQjRL7/Z88EaSVdgBGIu/oxWjJIToozDk4Mk/A6S24sP84PtUVAO2RAvxfi 1d40IdIlB6hKtEyh0Qdyt4pYRPJDkIonITexUvgQlCORrUh7yYoJ2rX4h7gxyMcG Bl8M9ZjDtzU84ndotV4hMX3E7QwrT6mGfEzO+FiGVCMFucqDo8xRa7NBPkwpoXzP 16OLooJLBxoUK0Tqde6de2K6zXOBfan47zvyxz/7uLiCf1FEeh8hdwp7uvr1cCHZ jQE0VuCmI1L12dbyvAVq =zyVH -----END PGP SIGNATURE-----


Subject Author
Re: [gentoo-project] Preparations Council meeting 2011-08-09 Patrick Lauer <patrick@g.o>