Re: When to update public key?

To: Niels Thykier <niels@thykier.net>, debian-newmaint@lists.debian.org
Subject: Re: When to update public key?
From: Andres Mejia <mcitadel@gmail.com>
Date: Fri, 6 May 2011 10:57:54 -0400
Message-id: <[🔎] BANLkTiksDvr-wDJscheCeWonW+rNL5s-2Q@mail.gmail.com>
In-reply-to: <4DC3A11F.3080609@thykier.net>
References: <201105052135.39000.mcitadel@gmail.com> <4DC3A11F.3080609@thykier.net>

On Fri, May 6, 2011 at 3:19 AM, Niels Thykier <niels@thykier.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 2011-05-06 03:35, Andres Mejia wrote:
>> Hi all,
>>
>> I want to update my outdated public key signed by one DD (it's a 1024D key). I
>> already have a new key (4096R key) signed by at least one other DD (not the
>> same DD). I've signed my new key with my old key. Would this technically count
>> as signatures from 2 DDs?
>>
>> Also, I'm still in the NM process. Should I wait until I complete the NM
>> process or can I update my key now?
>>
>
> Hi
>
> In your case I would get it done as a part of the NM process (in fact, I
> did this myself when I was in the NM).  Tell your AM that you would like
> to change to your new key and he/she should be able to set it up.
>  Note that you will have to sign the agreement to the social
> contract/Machine policies etc. with the new key.
>
> ~Niels
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQIcBAEBCAAGBQJNw6EeAAoJEAVLu599gGRCTKUP+gJHEEzA9VTh94+hr9QH4+Gl
> +Vo5FCHwyXkPoqOM0Hn5r+TDG1sl3XG5X69ED7skGozZ1KT15Fy2SdNGbwhKzPk5
> I6WMJ3U+QqbFx3/HCoBZQwWTd7Shku7hlQXzZEgHLYUfqsYBsa0Bvj7gsPXn4Ssa
> 5aWMkmKXom+da7KDeUel26YpK11zdQcaH5kU8JqcUGvLVP0ndEmOEjbC0OND0j0I
> ubi0Wk8cljF55j3N8AExNPU6KpHh6eyQoPSLQTGOYFEuHz4gjRJfFY1KTilv5biD
> eMeMf2f8QI5p0OpoaCWSz275RWbL6ygp9XO565JEOEySnX8ha6K73gbGw1tjBKss
> ayUVrONyooPSGkAq2Tn4fe9nLFq3qicKPM5wNfjWSKkYMJwUCohWrYIJ1ZCDGINU
> 6Q4AVxAcSX66iOB+LD/cfukvNvcTnMCOULP9SqjQ7EWoOsv2UiA/c4y63b7PoU3O
> k8iQzxJGcYyxPr3LrZ2/LgXELByPT45lFVZReYULd7UsdwsdAw6F7L8zhNsPKi/u
> 69e9Ce3fucomGXZONEVFZoqi9Erem8TaaFWMhy+6kSlrVDIukhDqvPJ5Jm/cI0si
> D2OYgf0hPs8gHDsTrlUHpz4SSErYUCoj1Hhyga8bnRahhADA7suvlEKPg681NXeO
> dhPnZuVxphnIX3xPq5VV
> =DKoy
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-mentors-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/4DC3A11F.3080609@thykier.net
>
>

Well, I had some concern that my NM application would be rejected
because my old key (which is the key currently used for the NM
process) is signed by only one person total. There's also the issue
that my old key is not the recommended strength (it is a 1024 key). My
new key is signed by at least one DD, as well as several other people.

I see someone else recently had their application rejected for reasons
that relate to the situation I'm in. See [1].

1. https://nm.debian.org/nmstatus.php?email=stephen_leake%40stephe-leake.org

-- 
Regards,
Andres Mejia

Reply to:

Prev by Date: DM application of Thomas Preud'homme
Next by Date: Re: When to update public key?
Previous by thread: Re: When to update public key?
Next by thread: NM Report for Week Ending 08 May 2011
Index(es):
- Date
- Thread