On Thu, Jan 23, 2014 at 10:07:29PM +, Clint Adams wrote:
The following three reports were generated with debian-keyring
2013.12.13, hopenpgp-tools 0.4-1, jshon 20131010-3, and the
Redone with debian-keyring 2014.01.31, hopenpgp-tools 0.6-1,
jq 1.3-1.1, and attached script:
On Sat, Feb 22, 2014 at 10:41:48PM +, Clint Adams wrote:
Redone with debian-keyring 2014.01.31, hopenpgp-tools 0.6-1,
jq 1.3-1.1, and attached script:
(/usr/share/keyrings/debian-keyring.gpg)
[...]
Primary key pubkey sizes:
612 1024
For those people who are not aware of this
Kurt Roeckx dijo [Sun, Feb 23, 2014 at 12:46:41AM +0100]:
For those people who are not aware of this yet, this is really a
problem. This provides less security than an 80 bit symmetric
cipher. A brute force for this is possible. It's considered to
have very short time protection against
On Sat, Feb 22, 2014 at 06:35:06PM -0600, Gunnar Wolf wrote:
I'd like to ask the project as a whole for input on how we should push
towards this migration. I guess that most of the socially-connected
Debian Developers already have 4096R keys. How can we reach those who
don't? How can we
Kurt Roeckx dijo [Sun, Feb 23, 2014 at 01:51:32AM +0100]:
I'd like to ask the project as a whole for input on how we should push
towards this migration. I guess that most of the socially-connected
Debian Developers already have 4096R keys. How can we reach those who
don't? How can we
* Gunnar Wolf gw...@gwolf.org, 2014-02-22, 18:35:
...And now hat you mention this here on the list, we have been
discussing how to deal with this for keyring-maint¹.
It would clearly be unacceptable for us to decide to lock out 61.5% of
Debian because of their old key. Also, removing those
On Sat, Feb 22, 2014 at 7:35 PM, Gunnar Wolf gw...@gwolf.org wrote:
That's still 61.5% that's at 1024 bit. CAs are doing better than
this, with only 0.8% of the certificates that are still active
being 1024 bit.
Can I suggest that everyone that is still using a 1024 bit pgp key
generates a
On Sun, Feb 23, 2014 at 8:35 AM, Gunnar Wolf wrote:
So, what do you suggest?
Set a deadline (say 1 year?) for removal of all 1024 bit keys from the
keyring. Notify all users of 1024 bit keys via all addresses listed in
the MIA db and all UIDs on those keys. Remind people that coming to
DebConf
Debian 7.2 is conform with the Posix.1-2008/SUSv.4? If not, when will be?
--
To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
On Sun, Feb 23, 2014 at 2:05 PM, tre mor wrote:
Debian 7.2 is conform with the Posix.1-2008/SUSv.4? If not, when will be?
If you would like to check Debian's conformance with POSIX/SUSv.3,
please use the POSIX Test Suite (PCTS:151-2) available here and the
Open Group's test suites.
10 matches
Mail list logo
