On Thu, Nov 05, 2020 at 11:03:06 +1000, Allan McRae wrote:
> These are strong arguments to keep the current default. Particularly
> given there is nothing wrong with the current default at the moment, and
> you can initialize your pacman keyring "by hand" if you really are
> concerned.
How
On 5/11/20 9:23 am, Jonas Witschel wrote:
> On 2020-11-04 21:53, Geert Hendrickx via pacman-dev wrote:
>> Larger RSA keys are not the way forward, switch to ed25519 instead.
>> This will also become the default in the next version of GnuPG.
>> [...]
>> -Key-Type: RSA
>> -Key-Length: 4096
>>
On 11/4/20 5:47 PM, Geert Hendrickx via pacman-dev wrote:
> On Wed, Nov 04, 2020 at 16:30:19 -0500, Eli Schwartz wrote:
>> Currently pacman assumes gpgme from >= the year 2010, is that sufficient
>> to read ed25519? (idk, it's shelling out to gpg and thus likely doesn't
>> care?) Maybe we should
On 2020-11-04 21:53, Geert Hendrickx via pacman-dev wrote:
> Larger RSA keys are not the way forward, switch to ed25519 instead.
> This will also become the default in the next version of GnuPG.
> [...]
> -Key-Type: RSA
> -Key-Length: 4096
> +Key-Type: EDDSA
> +Key-Curve: ed25519
I will note
On Wed, Nov 04, 2020 at 16:30:19 -0500, Eli Schwartz wrote:
> Currently pacman assumes gpgme from >= the year 2010, is that sufficient
> to read ed25519? (idk, it's shelling out to gpg and thus likely doesn't
> care?) Maybe we should bump this anyway in the expectation that requiring
> a ~2015
On 11/4/20 3:53 PM, Geert Hendrickx via pacman-dev wrote:
> Larger RSA keys are not the way forward, switch to ed25519 instead.
Currently pacman assumes gpgme from >= the year 2010, is that sufficient
to read ed25519? (idk, it's shelling out to gpg and thus likely doesn't
care?) Maybe we should