On 02/13/2013 12:28 AM, Robin H. Johnson wrote: > On Wed, Feb 13, 2013 at 12:12:35AM +0100, Michael Weber wrote: >> On 02/12/2013 10:14 PM, William Hubbs wrote: >>> If you have any questions on this, please feel free to let us >>> know. >> What is the rotation strategy for (near) outdated keys? >> Alter the key or create a new one? Sign the new with the old one? > If your keysize is still good, you should ideally update the expiry on > the key and re-upload it to keyservers. Can you commit this to the document, please?
>> IMHO the answer to these questions is not obvious nor given by (our) >> docu [1]. > I'm pretty sure it was in the devrel developer handbook at one point, > along with instructions to create your key, but I can't find it now. > >> Maybe, add "keep ldap id/fingerprint synchronized" there, too. > http://www.gentoo.org/proj/en/infrastructure/ldap.xml#doc_chap3 That does tell how to update the data, but does not suggest to do so. My main concern is the cross-referencing of our documentation. I'm aware that there is a ton of documentation splattered all over the place and outside our infra. But besides the "non-trivial" step to become a dev (as mentioned last week) there is a certain non-trivial step to keep one, esp. by gathering the non-routine informations and fast-forward developments. -- Michael Weber Gentoo Developer web: https://xmw.de/ mailto: Michael Weber <x...@gentoo.org>
