Re: When to update public key?
On Fri, May 6, 2011 at 3:19 AM, Niels Thykier <firstname.lastname@example.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> On 2011-05-06 03:35, Andres Mejia wrote:
>> Hi all,
>> I want to update my outdated public key signed by one DD (it's a 1024D key). I
>> already have a new key (4096R key) signed by at least one other DD (not the
>> same DD). I've signed my new key with my old key. Would this technically count
>> as signatures from 2 DDs?
>> Also, I'm still in the NM process. Should I wait until I complete the NM
>> process or can I update my key now?
> In your case I would get it done as a part of the NM process (in fact, I
> did this myself when I was in the NM). Tell your AM that you would like
> to change to your new key and he/she should be able to set it up.
> Note that you will have to sign the agreement to the social
> contract/Machine policies etc. with the new key.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> -----END PGP SIGNATURE-----
> To UNSUBSCRIBE, email to debian-mentors-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com
> Archive: http://lists.debian.org/4DC3A11F.firstname.lastname@example.org
Well, I had some concern that my NM application would be rejected
because my old key (which is the key currently used for the NM
process) is signed by only one person total. There's also the issue
that my old key is not the recommended strength (it is a 1024 key). My
new key is signed by at least one DD, as well as several other people.
I see someone else recently had their application rejected for reasons
that relate to the situation I'm in. See .