On Mon, Mar 03, 2014 at 10:28:41PM -0600, Gunnar Wolf wrote:
> Thomas Goirand dijo [Tue, Mar 04, 2014 at 11:49:48AM +0800]:
> > On 03/04/2014 02:13 AM, Gunnar Wolf wrote:
> > > As keyring maintainers, we no longer consider 1024D keys to be trustable.
> > > We are not yet mass-removing them, because we don't want to hamper the
> > > project's work, but we definitively will start being more aggressively
> > > deprecating their use.
> > 
> > What does this mean? Is there a schedule in place?  Also, how many 1024D
> > keys are still in the keyring?
> Well, following Clint's post¹ (which I mentioned in my post), we were at 611
> DSA (1024D) vs. 383 RSA (2048R and higher). With 18 DD keys mentioned in the
> post (plus two since then, yay! :) ), we should stand at 591 vs. 403 (minus
> some statistical noise - IIRC only one DM became a DD in this same period).
> About a schedule: No, we do not currently have it. We should work on getting
> a plan for this.

I propose 2014-SEP-01.  Gives people six months to get this done.  Even *I* can
get it done in that amount of time.  I've already emailed my fellow Vancouver
Debian Developers in the hopes of coordinating a revolution^Wkeysigning [1].

> Now, it is not an easy task to get done, and as we might effectively end up
> locking out many DDs, I'm thinking (and I have not yet talked this over in
> the team, but we should discuss it) we should get formal support from the
> project in the form of a GR or something like that... Of course, that after
> sketching a real plan with stages and dates.

I don't think a GR is required.  Keyring Maintainer is a role within the
Project with Delegated Powers.  Just Do It® [2], I say.

[1] This is _Vancouver_ after all.
[2] Nike, don't sue me.

Luca Filipozzi

Attachment: signature.asc
Description: Digital signature

Reply via email to