[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from keyring-maint: Pushing keyring updates. Let us bury your old 1024D key!

On Wed, 2014-03-05 at 10:47 +0800, Paul Wise wrote: 
> On Wed, Mar 5, 2014 at 1:55 AM, Xavier Roche wrote:
> 
> > I have a rather silly question: would a mail (signed with this key)
> > request to the DDs who already signed the initial key (and checked the
> > identity) to sign the replacement key considered unreasonable ?
> 
> Considering that the initial keys are now considered weak, I expect
> that it would be reasonable for people to not trust a key transition
> statement where the only available trust anchor is the old weak key.

That is however no reason not to do it - you're still better off than
you were before (equally weak, but with the potential to improve).


Cheers,


Nick
-- 
Nick Phillips / nick.phillips@otago.ac.nz / 03 479 4195
# These statements are mine, not those of the University of Otago
Reply to: