Re: DM application of Philipp Kaluza
-----BEGIN PGP SIGNED MESSAGE-----
thanks for you checks.
On 31.07.2011 16:42, Aníbal Monsalve Salazar wrote:
> Your key cannot encrypt, please fix this issue.
Before I do that (and I'm not fundamentally opposed to it), I would like
to know: Is it actually an issue ?
The reason why I think this is not actually needed:
- The main use case for this key is signing uploads.
- The standard reasoning for needing encryption subkeys (services want
to send me sensitive mail encrypted) does not seem to apply to DMs (e.g.
I already have an alioth account without it).
- I have a primary key, even better connected in the Debian universe
(and already integrated in my mail reading workflow), that DDs can use
to contact me securely.
- I could not find any information about needing encryption subkeys in
the DM GR or the Wiki page.
- I would like to keep to keep my keyspace as fragmented as it already
is, and not fragment it further. That means only using keys for their
intended purposes, in this case, signing package uploads (and in some
cases, maybe authenticating Uploader-related mails.)
- If I ever do apply to become a DD, it's quite easy to add an
encryption subkey at that time.
So, could you tell me the arguments _for_ adding an encryption subkey,
or point me to the relevant discussion ?
Thank you, much obliged.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----