Paul Wise <[email protected]> writes:

> There are more people using 1024-bit keys than >= 2048-bit keys (in
> debian-keyring.gpg), many of these are active developers, some not so
> active. It would be a major human resources issue for Debian to disable
> all of those keys but I guess it is the only way to get people to
> migrate to stronger keys.

>     654 pub 1024D
>       1 pub 1024R
>      27 pub 2048R
>       2 pub 3072R
>     306 pub 4096R
>       2 pub 8192R
>       1 pub 10240R

I suspect that some of the problem is people feeling like they need to go
through an in-person key signing to get their new key certified, which can
be quite awkward depending on where one lives and how much day-to-day
contact one has with other DDs.

Perhaps we should make more public the idea that a key transition document
signed with both keys and posted publicly is probably sufficient to
warrant signing the new key if one has signed the old key? (Assuming
that's actually true.)

-- 
Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/>
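A tally like the one quoted above can be produced for any keyring from `gpg --with-colons --list-keys` output. The script below is an added example, not part of the original message: the function name `tally`, the 2048-bit threshold and the sample records are assumptions or constructed, and it goes slightly beyond the quoted table by listing the key IDs below the threshold and by leaving elliptic-curve keys out of the bit-length comparison.

```python
import sys
from collections import Counter

# OpenPGP public-key algorithm IDs (RFC 4880) -> letter used in gpg's
# classic listing, as in "1024D" (DSA) or "4096R" (RSA).
ALGO_LETTER = {1: "R", 2: "R", 3: "R", 16: "g", 17: "D"}
MIN_BITS = 2048  # assumption: threshold taken from the thread's ">= 2048-bit"

# Constructed sample of `gpg --with-colons --list-keys` output (no real keys).
SAMPLE = """\
tru::1:1280000000:0:3:1:5
pub:-:1024:17:00000000000000A1:1000000000:::-:::scESC:
uid:-::::1000000000::0000::Constructed One <one@example.org>:
sub:-:2048:16:00000000000000B1:1000000000::::::e:
pub:-:4096:1:00000000000000A2:1250000000:::-:::scESC:
pub:-:1024:17:00000000000000A3:1050000000:::-:::scESC:
pub:-:2048:1:00000000000000A4:1200000000:::-:::scESC:
pub:-:1024:1:00000000000000A5:1100000000:::-:::scESC:
pub:-:256:22:00000000000000A6:1270000000:::-:::scESC:
"""

def tally(lines):
    """Return (Counter of size+algo labels, IDs of primary keys below MIN_BITS)."""
    counts, weak = Counter(), []
    for line in lines:
        f = line.rstrip("\n").split(":")
        # Only primary keys ("pub") are counted, matching the quoted table;
        # subkeys ("sub") and user IDs are skipped.
        if len(f) < 5 or f[0] != "pub":
            continue
        try:
            bits, algo = int(f[2]), int(f[3])
        except ValueError:
            continue  # malformed record
        letter = ALGO_LETTER.get(algo)
        counts[f"{bits}{letter}" if letter else f"{bits}/algo{algo}"] += 1
        # Bit length only compares across RSA/DSA/Elgamal; an elliptic-curve
        # key reports e.g. 256 bits and must not be flagged by this threshold.
        if letter and bits < MIN_BITS:
            weak.append(f[4])
    return counts, weak

if __name__ == "__main__":
    # Pipe real gpg output in, or run with no input to use the sample.
    src = SAMPLE.splitlines() if sys.stdin.isatty() else sys.stdin
    counts, weak = tally(src)
    for label, n in sorted(counts.items()):
        print(f"{n:7d} pub {label}")
    print(f"{len(weak)} primary key(s) below {MIN_BITS} bits:", *weak)
```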

