On Thu, Feb 16, 2012 at 06:50:04PM +0100, Richard Hartmann wrote: >My GnuPG key DFCA34A3 is signed by the Debian Developers: pub 1024D/DFCA34A3 2007-10-07 [expires: 2012-10-05] Key fingerprint = FE23 BE62 DF18 72FB C58D D637 FFAE 0427 DFCA 34A3 [...] Key has only 1024 bits. This is not acceptable if the application was started after October 1st, 2010 (see [KM] for details). This is an DSA key. This might need an explanation (see [KM] for details). [KM] http://lists.debian.org/debian-devel-announce/2010/09/msg00003.html Valid "e" flag, expires Sat 06 Oct 2012 07:20:39 EST. Valid "s" flag, expires Sat 06 Oct 2012 07:20:39 EST. . ######################################################################### ### There are problems with the key that might make it unusable for ### ### inclusion in the Debian keyring or usage with Debian's LDAP ### ### directory. If unsure, please get in touch with the NM front-desk ### ### new-maintainer@debian.org to resolve these problems. ### ### (Please do not include this notice in the AM report.) ### ######################################################################### Please create a 4K RSA key. See http://keyring.debian.org/creating-key.html If you would like to migrate your WoT, you should read "HOWTO prep for migration off of SHA-1 in OpenPGP" at http://www.debian-administration.org/users/dkg/weblog/48.
Attachment:
signature.asc
Description: Digital signature