On 10/17/12 06:54, Robin H. Johnson wrote: > Hi all, > > One of the items that has come up in the Git conversion, and needs some > attention. > [snip] > > As such, we've decided to make the PORTAGE_GPG_KEY strictly enforce what > was originally intended. > > - You must specify a key or subkey exactly. > - The leading "0x" is optional. > - If you want to use a subkey, per the PGP specifications, you must > suffix your keyid with "!". > - Your keyid is exactly: 8, 16, 24, 32 xor 40 hexdigits long.
That's nice. Can we also add some basic policies on key format (key length, validity) and get a centrally-hosted keyring? Then it'd even make sense for us to start using the whole signing thing now :) Thanks, Patrick
