Hi,

On 27.12.2013 00:18, Nick Kew wrote:
> What is Debian's view on the relative importance of key size vs breadth
> and depth of the WoT surrounding a key? I would tend to find an ancient
> 1024-bit key with 100 strong-set sigs much more reassuring than a shiny
> new 4096-bit with just 1 (let alone any number of non-strong-set keys)!

Debian /requires/ new developers to obtain a key being 2048R at least and
urges existing developers to migrate to stronger keys, while aiming to keep
a solid WoT. Formal and informal keysigning parties on DebConfs and
resigning requests are a used practice to transition to stronger keys.
Full details are covered in [1][2].

Debian's best practices for a key migration are documented in [3].

[1] http://lists.debian.org/debian-devel-announce/2010/09/msg00003.html
[2] http://keyring.debian.org/creating-key.html
[3] http://keyring.debian.org/replacing_keys.html

--
with kind regards,
Arno Töll
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F36D