[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Reminder: Removing < 2048 bit keys from the Debian keyrings

On Tue, Nov 11, 2014 at 02:35:55PM -0600, Gunnar Wolf wrote:
> Henrique de Moraes Holschuh dijo [Sat, Nov 08, 2014 at 07:11:14PM -0200]:
> > On Sat, 08 Nov 2014, Richard Hartmann wrote:
> > > Interpretation is in the eye of the bee holder, but I am considering
> > > to attach this list to my weekly bug report; mainly because I can.
> > 
> > Wouldn't it make more sense to ask these people privately what is getting in
> > the way of a switch to a stronger key?
> They have been asked. Repeatedly.

AIUI, you need to have at least one(?) additional signature on your new
2048+ RSA key on top of your old DSA key, correct?

If so, did you consider relaxing this requirement for the rollover? I.e.
maybe having 2048 RSA keys signed by (only) old 1024 DSA keys in the
keyring is better than having no key at all for a particular DD?


Reply to: