From: Kristian Fiskerstrand <k_f@gentoo.org>
To: gentoo-dev@lists.gentoo.org, "Michał Górny" <mgorny@gentoo.org>
Cc: robbat2@gentoo.org
Subject: Re: [gentoo-dev] [PATCH 5/4] glep-0063: Allow ECC keys
Date: Wed, 4 Jul 2018 10:51:31 +0200 [thread overview]
Message-ID: <4a600c09-312f-dd03-d206-d0b4b8d63770@gentoo.org> (raw)
In-Reply-To: <1530693762.914.30.camel@gentoo.org>
[-- Attachment #1.1: Type: text/plain, Size: 1235 bytes --]
On 07/04/2018 10:42 AM, Michał Górny wrote:
> 1. I suppose the ECC/cv25519 packets won't change in incompatible manner
> at this point.
It being implemented in gnupg-2-2 is a good indication it won't be
allowed to change at this point
>
> 2. Hardware incompatibility issues are not really relevant to us but to
> the person using the key.
It is relevant to us to the extent of discussion for hardware token for devs
>
> 3. Developer keys are mostly for internal use, while the majority of
> users verify only the infra signatures, so I don't think we have to be
> that concerned about interoperability of the algos, provided that it
> works for infra purposes.
This depends on the discussion of rsync vs git, if you expect end-users
to verify git commits from developers directly you require them to use
the 2.2 branch, whereby some server users prefer 1.4 for its smaller
footprint etc. If we conclude that the git repo is internal and not to
be exposed to end-users per se, but distribution happens in curated git
or rsync I agree it is not an issue.
--
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
next prev parent reply other threads:[~2018-07-04 8:51 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-03 13:29 [gentoo-dev] [PATCH 0/4] GLEP 63: clean up, and reduce key size to RSA-2048 Michał Górny
2018-07-03 13:29 ` [gentoo-dev] [PATCH 1/4] glep-0063: Use 'OpenPGP' as appropriate Michał Górny
2018-07-03 13:29 ` [gentoo-dev] [PATCH 2/4] glep-0063: RSAv4 -> OpenPGP v4 key format Michał Górny
2018-07-03 13:29 ` [gentoo-dev] [PATCH 3/4] glep-0063: Clarify dedicated signing subkey in minimal reqs Michał Górny
2018-07-03 13:29 ` [gentoo-dev] [PATCH 4/4] glep-0063: Change the recommended RSA key size to 2048 bits Michał Górny
2018-07-03 16:40 ` [gentoo-dev] [PATCH 0/4] GLEP 63: clean up, and reduce key size to RSA-2048 Aaron Bauman
2018-07-03 16:42 ` Aaron Bauman
2018-07-03 19:55 ` Michał Górny
2018-07-04 7:22 ` [gentoo-dev] [PATCH 5/4] glep-0063: Allow ECC keys Michał Górny
2018-07-04 7:49 ` Kristian Fiskerstrand
2018-07-04 7:54 ` Michał Górny
2018-07-04 8:01 ` Kristian Fiskerstrand
2018-07-04 8:42 ` Michał Górny
2018-07-04 8:51 ` Kristian Fiskerstrand [this message]
2018-07-04 9:09 ` Michał Górny
2018-07-04 9:49 ` Kristian Fiskerstrand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4a600c09-312f-dd03-d206-d0b4b8d63770@gentoo.org \
--to=k_f@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
--cc=mgorny@gentoo.org \
--cc=robbat2@gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox