Re: Debian preferred maintainer pgp key parameters?
Bill> I'm intending to start changing change the maintainer address
Bill> on my packages to "Bill Mitchell <firstname.lastname@example.org>".
Bill> Since this will involve generating a new pgp key, I'd like to
Bill> use whatever key parameters are preferred for Debian maintainers.
No, don't do that!
Generating a new key, only for changing your e-Mail address is overkill
(I'm almost sure, there is >= 1 grammatical bug in the previous sentence).
Citing _PGP Pretty Good Privacy_, p 178ff (ISBN 1-56592-098-8):
Changing Your user ID (-ke option):
Enter the key's user ID: you
Enter pass phrase: xxx
Do you want to add a new user ID (y/N)? y
Enter the new user id: email@example.com
Make this user ID the primary user ID for this key (y/N)? y
Do you want to change your pass phrase (y/N)? n
If you regenerate a new key,
i) everybody thinks that your old one was compromised, and, even worse
ii) the old key might not match, and -- furthermore --
iii) you might have some old keys on the key-server.
Bill> What's preferred -- 512, 768, or 1024 bits?
Hope this helps,
PS: CC'ing to debian-devel, since this information might be interesting
for others too.
David Frey <firstname.lastname@example.org>