[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: When to update public key?

Thomas Goirand dijo [Sat, May 07, 2011 at 04:49:52PM +0800]:
> On 05/07/2011 10:42 AM, Andres Mejia wrote:
> > Thank you. I did have some concern that my NM application would be
> > rejected because of my old key. It is a 1024 bit key and it's only
> > signed by a single person. I saw that someone else had his application
> > rejected for what looks to be a reason which is similar to my
> > situation. See [1]. My new key however is 4096 bits and signed by
> > several people to include one DD. I had trouble convincing these same
> > people to sign my old key.
> I don't see why the NM would stop for such a reason, as you are identified
> already, however, you might run into trouble to have your 1024 bits key
> uploaded to the keyring. I would suggest you to get your new 4096 bits
> key signed by more DD if possible, so when you finish the NM process,
> you at least have a solution.

FWIW, as keyring-maint, I agree with Thomas here. If you already
started your NM process and your key was accepted for identification,
when you finish NM, DAM will request us to add your key to the
keyring. We might not love adding a new 1024D key, but we will do it
(as we trust the process started before the deadline we set).

You can otherwise also ask your AM to re-do the identification part
with your new key - The process will be up to him. In any case, if he
accepted your 1024D key, you can present a mail signed with your OLD
key, stating the full fingerprint for both keys and the reasons for
the change. Do this when the new key has already been signed by a DD.

Please note that, although your key can be accepted as new with only
one signature, in order to replace your key we require two (to protect
your identity to be "stolen" by a single evil-minded DDs. Yes, we do
have evil-minded DDs!)

Attachment: signature.asc
Description: Digital signature

Reply to: