Re: State of the debian keyring

To: Ian Jackson <ijackson@chiark.greenend.org.uk>
Cc: Gunnar Wolf <gwolf@gwolf.org>, Matthias Urlichs <smurf@smurf.noris.de>, Bart Martens <bartm@debian.org>, debian-project@lists.debian.org
Subject: Re: State of the debian keyring
From: Raphael Hertzog <hertzog@debian.org>
Date: Mon, 24 Feb 2014 20:37:00 +0100
Message-id: <20140224193700.GA15141@x230-buxy.home.ouaza.com>
Mail-followup-to: Ian Jackson <ijackson@chiark.greenend.org.uk>, Gunnar Wolf <gwolf@gwolf.org>, Matthias Urlichs <smurf@smurf.noris.de>, Bart Martens <bartm@debian.org>, debian-project@lists.debian.org
In-reply-to: <21259.34853.289374.378737@chiark.greenend.org.uk>
References: <20140123220729.GA25523@scru.org> <20140222224148.GA2130@scru.org> <20140222234641.GA31478@roeckx.be> <20140223003506.GE30391@gwolf.org> <lec9ll$hlh$1@posted-at.bofh.it> <20140223081228.GA1049@master.debian.org> <20140223092346.GA3116@smurf.noris.de> <20140223150449.GD32426@gwolf.org> <21259.34853.289374.378737@chiark.greenend.org.uk>

On Mon, 24 Feb 2014, Ian Jackson wrote:
> It can increase security because it can make operations more
> convenient at the same level of security, and because people trade off
> convenience for security.
> 
> For example, it would be possible to have one key for email encryption
> and a different (more secure) key for package uploads.

This is already possible with subkeys. That said subkeys of a 1024 bits
master key can't really be trusted, even if they are bigger.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Discover the Debian Administrator's Handbook:
→ http://debian-handbook.info/get/

Reply to:

References:
- Re: State of the debian keyring
  - From: Clint Adams <clint@debian.org>
- Re: State of the debian keyring
  - From: Kurt Roeckx <kurt@roeckx.be>
- Re: State of the debian keyring
  - From: Gunnar Wolf <gwolf@gwolf.org>
- Re: State of the debian keyring
  - From: Marco d'Itri <md@Linux.IT>
- Re: State of the debian keyring
  - From: Bart Martens <bartm@debian.org>
- Re: State of the debian keyring
  - From: Matthias Urlichs <smurf@smurf.noris.de>
- Re: State of the debian keyring
  - From: Gunnar Wolf <gwolf@gwolf.org>
- Re: State of the debian keyring
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>

Prev by Date: Re: State of the debian keyring
Next by Date: Re: State of the debian keyring
Previous by thread: Re: State of the debian keyring
Next by thread: Re: State of the debian keyring
Index(es):
- Date
- Thread