[FOSDEM] Keysigning: please submit your keys
Tom Marble
tmarble at info9.net
Thu Dec 23 14:41:01 CET 2010
On 12/21/2010 09:17 AM, Philip Paeps wrote:
> The keysigning infrastructure seems to have held up well this year. I spent
> some time today preparing the infrastructure for FOSDEM 2011.
As you are now promoting the KSP here (and on twitter)
allow me to suggest that the KSP organizers recommend
that attendees consider generating stronger 4096 RSA keys [0]
if they have not already and double check the GPG configuration
for signature strength SHA-512 [1][2][3].
In preparing for the Debconf 10 KSP [4] several resources
were assembled to help in this process [5][6]. I created a
small program, kspsig, to help verify signature strength [7].
HTH,
--Tom
[0] https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#primary-keys-should-be-dsa-2-or-rsa-2048-bits-or-m
[1] https://lists.debian.org/debian-devel-announce/2009/05/msg00005.html
[2] http://www.gnupg.org/faq/weak-digest-algos.html
[3] http://csrc.nist.gov/groups/ST/hash/statement.html
[4] http://people.debian.org/~anibal/ksp-dc10/ksp-dc10.html
[5] http://keyring.debian.org/creating-key.html
[6] http://www.debian-administration.org/users/dkg/weblog/48
[7] https://github.com/tmarble/kspsig
The content of all messages is the sole responsibility of the author.
More information about the FOSDEM
mailing list