From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 31FB0138335 for ; Sun, 29 Jul 2018 20:51:14 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 44C5DE096D; Sun, 29 Jul 2018 20:51:10 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 1D926E0969 for ; Sun, 29 Jul 2018 20:51:10 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 295FC335C32 for ; Sun, 29 Jul 2018 20:51:09 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 9905C39A for ; Sun, 29 Jul 2018 20:51:04 +0000 (UTC) From: "Michał Górny" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Michał Górny" Message-ID: <1532894847.aa9614eda3b220f93e50817d0f6d8e81d4795020.mgorny@gentoo> Subject: [gentoo-commits] data/glep:master commit in: / X-VCS-Repository: data/glep X-VCS-Files: glep-0063.rst X-VCS-Directories: / X-VCS-Committer: mgorny X-VCS-Committer-Name: Michał Górny X-VCS-Revision: aa9614eda3b220f93e50817d0f6d8e81d4795020 X-VCS-Branch: master Date: Sun, 29 Jul 2018 20:51:04 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 4555ab4f-0118-41e7-a742-9491a116aec3 X-Archives-Hash: 4b0b5908b4c04dcc86ac5fbc81974aa8 commit: aa9614eda3b220f93e50817d0f6d8e81d4795020 Author: Michał Górny gentoo org> AuthorDate: Sun Jul 8 18:18:06 2018 +0000 Commit: Michał Górny gentoo org> CommitDate: Sun Jul 29 20:07:27 2018 +0000 URL: https://gitweb.gentoo.org/data/glep.git/commit/?id=aa9614ed glep-0063: Unify punctuation Requested-by: Ulrich Müller gentoo.org> glep-0063.rst | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/glep-0063.rst b/glep-0063.rst index ae36d36..c02b89e 100644 --- a/glep-0063.rst +++ b/glep-0063.rst @@ -83,19 +83,19 @@ not be used to commit. at least 256-bit. All subkey self-signatures must use this digest. 2. Signing subkey that is different from the primary key, and does not - have any other capabilities enabled + have any other capabilities enabled. 3. Primary key and the signing subkey are both of type EITHER: - a. RSA, >=2048 bits (OpenPGP v4 key format or later only) + a. RSA, >=2048 bits (OpenPGP v4 key format or later only), - b. ECC curve 25519 + b. ECC curve 25519. 4. Expiration date on key and all subkeys set to no more than 900 days - into the future + into the future. 5. Key expiration date renewed at least 2 weeks before the previous - expiration date + expiration date. 6. Upload your key to the SKS keyserver rotation before usage! @@ -107,9 +107,9 @@ technical reason not to (e.g. hardware limitations, necessity of replacing their primary key). 1. Primary key and the signing subkey are both of type RSA, 2048 bits - (OpenPGP v4 key format or later) + (OpenPGP v4 key format or later). -2. Key expiration renewed annually to a fixed day of the year +2. Key expiration renewed annually to a fixed day of the year. 3. Create a revocation certificate & store it hardcopy offsite securely (it's about ~300 bytes). @@ -142,13 +142,13 @@ External documentation Much of the above was driven by the following: -* NIST SP 800-57 recommendations [#NISTSP800571]_, [#NISTSP800572]_ +* NIST SP 800-57 recommendations [#NISTSP800571]_, [#NISTSP800572]_, -* Debian GPG documentation [#DEBIANGPG]_ +* Debian GPG documentation [#DEBIANGPG]_, -* RiseUp.net OpenPGP best practices [#RISEUP]_ +* RiseUp.net OpenPGP best practices [#RISEUP]_, -* ENISA Algorithms, Key Sizes and Parameters Report 2013 [#ENISA2013]_ +* ENISA Algorithms, Key Sizes and Parameters Report 2013 [#ENISA2013]_. References ==========