-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 02/12/2013 10:14 PM, William Hubbs wrote: > If you have any questions on this, please feel free to let us > know. What is the rotation strategy for (near) outdated keys? Alter the key or create a new one? Sign the new with the old one?
IMHO the answer to these questions is not obvious nor given by (our) docu [1]. Maybe, add "keep ldap id/fingerprint synchronized" there, too. > [1] > http://devmanual.gentoo.org/general-concepts/manifest/index.html - -- Michael Weber Gentoo Developer web: https://xmw.de/ mailto: Michael Weber <x...@gentoo.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iF4EAREIAAYFAlEazGMACgkQknrdDGLu8JBXygD8CalxwI4y7kxbqYwyXcyohtbW 7xICGdFgIDA8jH7v4poA/RrtQTxwmmzE4g53Eyg8RBKxEIa0BmAZUaAMIyM9ntdq =XOfU -----END PGP SIGNATURE-----