On Tue, May 12, 2009 at 01:25:53AM +0200, Cyril Brulebois wrote: > Quoting the mail fully for the added recipients. Looks like Charles was > too shy to do so. Thanks. I only follow -project sporadically. > Charles Plessy <plessy@debian.org> (12/05/2009): > > Dear all, > > > > I am getting quite confused after reading the many blog announcements > > about changing PGP keys for security reasons. Is it possible to get a > > somewhat official advice from the Project to its thousand of > > developers? In particular, a word from the keyring maintainers would > > be very helpful. I'm working on something to post to d-d-a, but have had a few disagreements in review comments I'd like to get resolved before going ahead. I hope to have it sorted in the next few days. I'm not panicking though. I'm more concerned about trying to rid ourselves of the remaining PGPv3 keys (the ones in debian-keyring.pgp). I sent out a bunch of mails recently to people who have both v3 and v4 keys asking if their v3 keys could be removed immediately without causing them disruption, but fewer than half the recipients have replied so far. If you're one of the ones who hasn't then please do so. Also if you're one of the people who only has a v3 key present then I'd definitely be thinking about getting a nice shiny new key sorted out and well linked into the web of trust. J. -- Web [ I like my copyright infringements to be patent free. ] site: http:// [ ] Made by www.earth.li/~noodles/ [ ] HuggieTag 0.0.23
Attachment:
signature.asc
Description: Digital signature