On Wed, Feb 13, 2013 at 12:12:35AM +0100, Michael Weber wrote: > On 02/12/2013 10:14 PM, William Hubbs wrote: > > If you have any questions on this, please feel free to let us > > know. > What is the rotation strategy for (near) outdated keys? > Alter the key or create a new one? Sign the new with the old one? If your keysize is still good, you should ideally update the expiry on the key and re-upload it to keyservers.
> IMHO the answer to these questions is not obvious nor given by (our) > docu [1]. I'm pretty sure it was in the devrel developer handbook at one point, along with instructions to create your key, but I can't find it now. > Maybe, add "keep ldap id/fingerprint synchronized" there, too. http://www.gentoo.org/proj/en/infrastructure/ldap.xml#doc_chap3 -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee & Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85