Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Fabian Groffen
On 13-02-2013 02:15:48 +0100, Jeroen Roovers wrote: On Tue, 12 Feb 2013 17:07:33 -0800 Alec Warner anta...@gentoo.org wrote: On Tue, Feb 12, 2013 at 5:05 PM, Jeroen Roovers j...@gentoo.org wrote: On Wed, 13 Feb 2013 01:47:34 +0100 Jeroen Roovers j...@gentoo.org wrote: It would

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Ben de Groot
On 13 February 2013 15:07, Michael Weber x...@gentoo.org wrote: On 02/13/2013 12:28 AM, Robin H. Johnson wrote: On Wed, Feb 13, 2013 at 12:12:35AM +0100, Michael Weber wrote: On 02/12/2013 10:14 PM, William Hubbs wrote: If you have any questions on this, please feel free to let us know. What

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Markos Chandras
On 12 February 2013 23:28, Robin H. Johnson robb...@gentoo.org wrote: IMHO the answer to these questions is not obvious nor given by (our) docu [1]. I'm pretty sure it was in the devrel developer handbook at one point, along with instructions to create your key, but I can't find it now. This

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Michael Weber
On 02/13/2013 11:55 AM, Markos Chandras wrote: http://www.gentoo.org/doc/en/gnupg-user.xml still no hint what to do on expiration (as every single other gpg howto). -- Michael Weber Gentoo Developer web: https://xmw.de/ mailto: Michael Weber x...@gentoo.org

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Aaron W. Swenson
On Wed, Feb 13, 2013 at 01:20:39PM +0100, Michael Weber wrote: On 02/13/2013 11:55 AM, Markos Chandras wrote: http://www.gentoo.org/doc/en/gnupg-user.xml still no hint what to do on expiration (as every single other gpg howto). It depends. What do you want to do when it expires? If you

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Markos Chandras
On 13 February 2013 15:31, Aaron W. Swenson titanof...@gentoo.org wrote: On Wed, Feb 13, 2013 at 01:20:39PM +0100, Michael Weber wrote: On 02/13/2013 11:55 AM, Markos Chandras wrote: http://www.gentoo.org/doc/en/gnupg-user.xml still no hint what to do on expiration (as every single other

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Thomas Sachau
Michael Weber wrote: On 02/12/2013 10:14 PM, William Hubbs wrote: as preparation for the up-coming cvs-git migration of the portage tree, the council is strongly suggesting that from this point forward all developers sign their manifests with their gpg key as described in the developer's

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Denis Dupeyron
On Wed, Feb 13, 2013 at 8:31 AM, Aaron W. Swenson titanof...@gentoo.org wrote: This information, by the way, has been blogged about thousands of times. There is a reason people write documentation. Contrary to blog posts, documentation is thought out, reviewed, maintained and corrected when

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Eray Aslan
On Wed, Feb 13, 2013 at 09:35:56AM -0700, Denis Dupeyron wrote: If you want people to handle security properly you have to tell them how to. In detail. If not, everybody will figure it out in his or her own way, all of them wrong. Get off your high horse and write documentation if you know how

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Aaron W. Swenson
On Wed, Feb 13, 2013 at 09:35:56AM -0700, Denis Dupeyron wrote: On Wed, Feb 13, 2013 at 8:31 AM, Aaron W. Swenson titanof...@gentoo.org wrote: This information, by the way, has been blogged about thousands of times. There is a reason people write documentation. Contrary to blog posts,

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Paweł Hajdan, Jr.
On 2/13/13 12:28 AM, Robin H. Johnson wrote: On Wed, Feb 13, 2013 at 12:12:35AM +0100, Michael Weber wrote: What is the rotation strategy for (near) outdated keys? Alter the key or create a new one? Sign the new with the old one? If your keysize is still good, you should ideally update the

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Diego Elio Pettenò
On 13/02/2013 18:46, Paweł Hajdan, Jr. wrote: What is considered a good key size these days? As far as I can tell, 2048 rsa should be still fine. Just drop DSA and anything 1024 I would suggest. -- Diego Elio Pettenò — Flameeyes flamee...@flameeyes.eu — http://blog.flameeyes.eu/

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Eray Aslan
On Wed, Feb 13, 2013 at 05:22:14PM +, Aaron W. Swenson wrote: I agree. This is officially documented by GnuPG. [1] That would be the best source to use. It details everything one needs to do to manage a key pair. Good luck having people find and read it. Similar to (or perhaps linking to)

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Aaron W. Swenson
On Wed, Feb 13, 2013 at 07:58:30PM +0200, Eray Aslan wrote: On Wed, Feb 13, 2013 at 05:22:14PM +, Aaron W. Swenson wrote: I agree. This is officially documented by GnuPG. [1] That would be the best source to use. It details everything one needs to do to manage a key pair. Good luck

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Michael Weber
On 02/13/2013 06:22 PM, Aaron W. Swenson wrote: There's nothing Gentoo specific about it. I don't see why we would need to officially document an official document. The most we should do is point people to the resource. So, please link to this

[gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Agostino Sarubbo
On Tuesday 12 February 2013 15:14:15 William Hubbs wrote: All, as preparation for the up-coming cvs-git migration of the portage tree, the council is strongly suggesting that from this point forward all developers sign their manifests with their gpg key as described in the developer's

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Peter Stuge
Agostino Sarubbo wrote: I'm using ssh -A to forward the key and I'm interested to find a way to do it for the gpg key. I found a how-to that uses socat (http://superuser.com/questions/161973/how-can-i-forward-a-gpg-key-via-ssh-agent) but does not work as expected. Did you debug? Rather

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Michael Weber
On 02/13/2013 09:07 PM, Agostino Sarubbo wrote: As most of us do, I do the commit from another machine, not mine. So, for ssh I'm using ssh -A to forward the key and I'm interested to find a way to do it for the gpg key. I found a how-to that uses socat (

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Michael Weber
On 02/13/2013 09:23 PM, Peter Stuge wrote: Rather than creating a TCP socket I would look into using the ssh -W option. gpg agent works with unix domain sockets. -- Michael Weber Gentoo Developer web: https://xmw.de/ mailto: Michael Weber x...@gentoo.org

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Peter Stuge
Michael Weber wrote: Rather than creating a TCP socket I would look into using the ssh -W option. gpg agent works with unix domain sockets. I know. It would look something like socat + ssh -W socat //Peter

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-13 Thread Michael Weber
On 02/13/2013 09:30 PM, Michael Weber wrote: GPG agents do not transport keys, just passphrases. To stress that, my passphrased key resides on my remote build-box, gpg just asks my local gpg agent for the passphrase. ssh -R /root/.gnupg/S.gpg-agent:/tmp/keyring-michael/gpg b-4 with a

[gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-12 Thread Michael Weber
On 02/12/2013 10:14 PM, William Hubbs wrote: as preparation for the up-coming cvs-git migration of the portage tree, the council is strongly suggesting that from this point forward all developers sign their manifests with their gpg key as

[gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-12 Thread Michael Weber
On 02/12/2013 10:14 PM, William Hubbs wrote: If you have any questions on this, please feel free to let us know. What is the rotation strategy for (near) outdated keys? Alter the key or create a new one? Sign the new with the old one? IMHO the

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-12 Thread Robin H. Johnson
On Wed, Feb 13, 2013 at 12:12:35AM +0100, Michael Weber wrote: On 02/12/2013 10:14 PM, William Hubbs wrote: If you have any questions on this, please feel free to let us know. What is the rotation strategy for (near) outdated keys? Alter the key or create a new one? Sign the new with the

[gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-12 Thread Jeroen Roovers
On Tue, 12 Feb 2013 15:14:15 -0600 William Hubbs willi...@gentoo.org wrote: All, as preparation for the up-coming cvs-git migration of the portage tree, the council is strongly suggesting that from this point forward all developers sign their manifests with their gpg key as described in

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-12 Thread Jeroen Roovers
On Wed, 13 Feb 2013 01:47:34 +0100 Jeroen Roovers j...@gentoo.org wrote: It would help if repoman noticed when you have FEATURES=-sign. :-\ https://bugs.gentoo.org/show_bug.cgi?id=457034 jer

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-12 Thread Alec Warner
On Tue, Feb 12, 2013 at 5:05 PM, Jeroen Roovers j...@gentoo.org wrote: On Wed, 13 Feb 2013 01:47:34 +0100 Jeroen Roovers j...@gentoo.org wrote: It would help if repoman noticed when you have FEATURES=-sign. :-\ https://bugs.gentoo.org/show_bug.cgi?id=457034 We can do the opposite, and just

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-12 Thread Jeroen Roovers
On Tue, 12 Feb 2013 17:07:33 -0800 Alec Warner anta...@gentoo.org wrote: On Tue, Feb 12, 2013 at 5:05 PM, Jeroen Roovers j...@gentoo.org wrote: On Wed, 13 Feb 2013 01:47:34 +0100 Jeroen Roovers j...@gentoo.org wrote: It would help if repoman noticed when you have FEATURES=-sign. :-\

Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests

2013-02-12 Thread Michael Weber
On 02/13/2013 12:28 AM, Robin H. Johnson wrote: On Wed, Feb 13, 2013 at 12:12:35AM +0100, Michael Weber wrote: On 02/12/2013 10:14 PM, William Hubbs wrote: If you have any questions on this, please feel free to let us know. What is the rotation strategy for (near) outdated keys? Alter the