Re: [gentoo-dev] [PATCH 5/4] glep-0063: Allow ECC keys

["Michał Górny" <mgorny@gentoo.org>]

[-- Attachment #1: Type: text/plain, Size: 1505 bytes --]

W dniu śro, 04.07.2018 o godzinie 10∶51 +0200, użytkownik Kristian
Fiskerstrand napisał:
> On 07/04/2018 10:42 AM, Michał Górny wrote:
> > 1. I suppose the ECC/cv25519 packets won't change in incompatible manner
> > at this point.
> 
> It being implemented in gnupg-2-2 is a good indication it won't be
> allowed to change at this point
> 
> > 
> > 2. Hardware incompatibility issues are not really relevant to us but to
> > the person using the key.
> 
> It is relevant to us to the extent of discussion for hardware token for devs
> 

Sure but I think that's the matter of 'recommended' vs 'minimal'.
But that part of the GLEP probably needs to change/be clarified as well.

> > 
> > 3. Developer keys are mostly for internal use, while the majority of
> > users verify only the infra signatures, so I don't think we have to be
> > that concerned about interoperability of the algos, provided that it
> > works for infra purposes.
> 
> This depends on the discussion of rsync vs git, if you expect end-users
> to verify git commits from developers directly you require them to use
> the 2.2 branch, whereby some server users prefer 1.4 for its smaller
> footprint etc. If we conclude that the git repo is internal and not to
> be exposed to end-users per se, but distribution happens in curated git

I honestly don't think Gentoo is the distribution where we let people
stay with obsolete versions for 'smaller footprint'.

-- 
Best regards,
Michał Górny

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 963 bytes --]