Re: Reminder: Removing < 2048 bit keys from the Debian keyrings

2014-11-09 Thread Jonathan McDowell
On Sat, Nov 08, 2014 at 09:59:08PM +0100, Richard Hartmann wrote: > Can you put this list, and a count, in a place I can wget from? You've trimmed all context so I'm not entirely clear if you're looking for the key list or something else. If it's the key list you should be able to calculate it you

Re: Reminder: Removing < 2048 bit keys from the Debian keyrings

2014-11-09 Thread Dimitri John Ledkov
On 8 November 2014 17:05, Thijs Kinkhorst wrote: > On Sat, November 8, 2014 17:09, Jonathan McDowell wrote: >> We had hoped to be down to a small number of special cases to deal with >> by this point, but with the numbers still looking this bad we're not >> yet at a stage where we can work out app

Re: Reminder: Removing < 2048 bit keys from the Debian keyrings

2014-11-08 Thread Richard Hartmann
Can you put this list, and a count, in a place I can wget from? Richard

Re: Reminder: Removing < 2048 bit keys from the Debian keyrings

2014-11-08 Thread Thijs Kinkhorst
On Sat, November 8, 2014 17:09, Jonathan McDowell wrote: > We had hoped to be down to a small number of special cases to deal with > by this point, but with the numbers still looking this bad we're not > yet at a stage where we can work out appropriate next steps for those > special cases. In the

Re: Removing < 2048 bit keys from the Debian keyrings

2014-09-07 Thread Gunnar Wolf
peter green said [Sun, Aug 31, 2014 at 01:27:11PM +0100]: > Jonathan McDowell wrote: > >I would ask that DDs make some effort to help > >those with weak keys get their new, stronger keys signed. Please sign > >responsibly[4], > If you have signed someone's old key is it considered "responsible" > to

Re: Removing < 2048 bit keys from the Debian keyrings

2014-09-03 Thread Manoj Srivastava
On Tue, Sep 02 2014, Manoj Srivastava wrote: > On Tue, Sep 02 2014, Jeremy T. Bouse wrote: > > >> I don't know how the *-cert-level options in gpg/gpg2 match up with >> that section RFC480. Actually reading the sections in the man pages it >> reads very differently. > > I stand correc

Re: Removing < 2048 bit keys from the Debian keyrings

2014-09-02 Thread Manoj Srivastava
On Tue, Sep 02 2014, Jeremy T. Bouse wrote: > I don't know how the *-cert-level options in gpg/gpg2 match up with > that section RFC480. Actually reading the sections in the man pages it > reads very differently. I stand corrected. Now I just need to figure out how to resign the k

Re: Removing < 2048 bit keys from the Debian keyrings

2014-09-02 Thread Jeremy T. Bouse
On 09/02/2014 12:28 PM, Manoj Srivastava wrote: > On Tue, Sep 02 2014, Matthias Urlichs wrote: > >> there's a GPG option (via the *-cert-level options, see 'man gpg') >> to state how carefully you did verify their identity, but ultimately >> it's up to you. > > That is not how I inter

Re: Removing < 2048 bit keys from the Debian keyrings

2014-09-02 Thread Ansgar Burchardt
Manoj Srivastava writes: > On Tue, Sep 02 2014, Matthias Urlichs wrote: >> there's a GPG option (via the *-cert-level options, see 'man gpg') >> to state how carefully you did verify their identity, but ultimately >> it's up to you. > > That is not how I interpreted that option to mean

Re: Removing < 2048 bit keys from the Debian keyrings

2014-09-02 Thread Manoj Srivastava
On Tue, Sep 02 2014, Matthias Urlichs wrote: > there's a GPG option (via the *-cert-level options, see 'man gpg') > to state how carefully you did verify their identity, but ultimately > it's up to you. That is not how I interpreted that option to mean. ,[ http://tools.ietf.org/h

Re: Removing < 2048 bit keys from the Debian keyrings

2014-09-02 Thread Matthias Urlichs
Hi, Jakub Wilk: > Do you have any non-joke documentation about signing responsibly? > Signing a key is equivalent to saying that you think that the key belongs to a particular individual and/or identity. Whether that means "I regularly hang out with them at DebConf" or "I met them in a keysignin

Re: Removing < 2048 bit keys from the Debian keyrings

2014-09-02 Thread Andreas Tille
On Sun, Aug 31, 2014 at 11:07:43AM -0700, Stefano Zacchiroli wrote: > On Sun, Aug 31, 2014 at 01:27:11PM +0100, peter green wrote: > > If you have signed someone's old key is it considered "responsible" to > > sign their new key based on a transition statement signed by the old > > key? or is a new

Re: Removing < 2048 bit keys from the Debian keyrings

2014-08-31 Thread Holger Levsen
Hi, On Sunday, 31. August 2014, peter green wrote: > My understanding is that the NSA and similar organisations can probably > crack 1024 bit keys but the cost of doing so (assuming there hasn't been > some secret mathematical breakthrough) is likely sufficiently high that > it would be cheaper

Re: Removing < 2048 bit keys from the Debian keyrings

2014-08-31 Thread Jakub Wilk
* Jonathan McDowell , 2014-08-31, 04:31: Please sign responsibly[4], [...] [4] http://xkcd.com/364/ Do you have any non-joke documentation about signing responsibly? -- Jakub Wilk

Re: Removing < 2048 bit keys from the Debian keyrings

2014-08-31 Thread Stefano Zacchiroli
On Sun, Aug 31, 2014 at 01:27:11PM +0100, peter green wrote: > If you have signed someone's old key is it considered "responsible" to > sign their new key based on a transition statement signed by the old > key? or is a new face-to-face meeting required? I've seen plenty of > (sometimes conflicting)

Re: Removing < 2048 bit keys from the Debian keyrings

2014-08-31 Thread peter green
Jonathan McDowell wrote: I would ask that DDs make some effort to help those with weak keys get their new, stronger keys signed. Please sign responsibly[4], If you have signed someone's old key is it considered "responsible" to sign their new key based on a transition statement signed by the old