
Re: Removing < 2048 bit keys from the Debian keyrings



Hi,

Jakub Wilk:
> Do you have any non-joke documentation about signing responsibly?
> 
Signing a key is equivalent to saying that you think that the key belongs
to a particular individual and/or identity.

Whether that means "I regularly hang out with them at DebConf" or
"I met them in a keysigning queue last year, and their driver's license
from $STATE looked reasonably legit" is up to you; there's a GPG option
(via the *-cert-level options, see 'man gpg') to state how carefully
you did verify their identity, but ultimately it's up to you.

-- 
-- Matthias Urlichs
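
The certification level discussed in the message above is stored in each signature, so it can be read back when reviewing a key. The following is an added example, not part of the original message: it parses the colon-delimited output of `gpg --with-colons --list-sigs` and reports the level each signer stated. The sample listing, key IDs and names are constructed, and `cert_levels` is a hypothetical helper name.

```python
# Added example; SAMPLE is constructed, not real keyring output.
# Certification levels 0-3 are stored as OpenPGP signature classes 0x10-0x13,
# which gpg prints in field 11 of each "sig" record (e.g. "13x" = level 3,
# exportable; a trailing "l" would mean local-only).
LEVEL_MEANING = {
    0: "no particular claim",
    1: "no verification (persona)",
    2: "casual verification",
    3: "extensive verification",
}

SAMPLE = """\
pub:u:4096:1:AAAAAAAAAAAAAAAA:1388534400:::u:::scESC:
uid:u::::1388534400::0000000000000000000000000000000000000000::Dev Example <dev@example.org>:
sig:::1:AAAAAAAAAAAAAAAA:1388534400::::Dev Example <dev@example.org>:13x:
sig:::1:BBBBBBBBBBBBBBBB:1390000000::::Signer One <one@example.org>:13x:
sig:::1:CCCCCCCCCCCCCCCC:1390000001::::Signer Two <two@example.org>:11x:
sig:::1:DDDDDDDDDDDDDDDD:1390000002::::Signer Three <three@example.org>:10x:
"""


def cert_levels(listing, min_level=2):
    """Return (signer_keyid, level, counted) for each third-party certification.

    'counted' mirrors gpg's documented --min-cert-level behaviour: the default
    is 2, so level 1 is disregarded, while level 0 is always accepted.
    """
    results = []
    owner = None
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            owner = f[4]                      # key ID of the key being listed
        elif f[0] == "sig" and len(f) > 10 and f[10]:
            sig_class = int(f[10][:2], 16)
            if f[4] == owner:                 # skip self-signatures
                continue
            if not 0x10 <= sig_class <= 0x13:  # not a user ID certification
                continue
            level = sig_class - 0x10
            counted = level == 0 or level >= min_level
            results.append((f[4], level, counted))
    return results


if __name__ == "__main__":
    for keyid, level, counted in cert_levels(SAMPLE):
        status = "counted" if counted else "ignored"
        print(f"{keyid}  level {level} ({LEVEL_MEANING[level]}): {status}")
```
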

