From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-58643-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 43145138ACE
	for <garchives@archives.gentoo.org>; Tue, 19 Feb 2013 03:36:13 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 80E5CE0525;
	Tue, 19 Feb 2013 03:36:10 +0000 (UTC)
Received: from mail-ve0-f179.google.com (mail-ve0-f179.google.com [209.85.128.179])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 90CADE049A
	for <gentoo-dev@lists.gentoo.org>; Tue, 19 Feb 2013 03:36:09 +0000 (UTC)
Received: by mail-ve0-f179.google.com with SMTP id da11so5514310veb.10
        for <gentoo-dev@lists.gentoo.org>; Mon, 18 Feb 2013 19:36:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:x-received:in-reply-to:references:date:message-id
         :subject:from:to:content-type;
        bh=kJjniSa5TAQL09bArwZ2v+DNbl9CHnWxG/7mfFwelOE=;
        b=QqOk+0oCNOHH6pUGElk8hvDURAnRo1J9Er8FbvUNmDCJqLjwal/7GRvD9hJZqTMW2N
         d4TtC1xpARvf0/+YZxaW9uw5GzHn17tOXwHCO11rtGy/f2FAirB+N9innDHo0YKTi9zi
         ME/PXicDxpE00F4dlQyYJslNlJLR9SkeiUG/GW4YjoKvWnMNHczfSrJZLqOI6fgm5ucr
         /bOLKFFN+aAGzX2dR9xrOw9ApEqSJnm6jpgvfnGjBcmb5w5hIj0V0WR8xBEKSyNwLCf3
         +VQGA7IK5q2RoFSlc1eNYkkjBYrkzRCWBViTP6gslGIetPUvb8oDpXQWXHgQ0cfRQtte
         feFQ==
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
X-Received: by 10.220.205.195 with SMTP id fr3mr18488824vcb.6.1361244968747;
 Mon, 18 Feb 2013 19:36:08 -0800 (PST)
Received: by 10.58.163.132 with HTTP; Mon, 18 Feb 2013 19:36:08 -0800 (PST)
In-Reply-To: <robbat2-20130218T234016-332930856Z@orbis-terrarum.net>
References: <robbat2-20130218T224715-868658579Z@orbis-terrarum.net>
	<robbat2-20130218T234016-332930856Z@orbis-terrarum.net>
Date: Tue, 19 Feb 2013 16:36:08 +1300
Message-ID: <CAATnKFBuNko_ZxK0_63pXK0BcnGrmu6m1WxqcUDjFNL5QjrcZA@mail.gmail.com>
Subject: Re: [gentoo-dev] RFC: Gentoo GPG key policies
From: Kent Fredric <kentfredric@gmail.com>
To: gentoo-dev@lists.gentoo.org
Content-Type: text/plain; charset=UTF-8
X-Archives-Salt: ba3fd52e-c33f-4f47-aac1-d77596c7a3cd
X-Archives-Hash: 069b9778bf59ff52b155410d2ec1cd24

It may be advantageous to have a gentoo wrapper script that calls GPG
with recommended settings to make some tasks easier,

 > gentoo-gpg-create --recommended
 > EDITOR=vim gentoo-gpg-rotation --recommended --old=DEADBEEF

and gentoo-gpg-rotation would make a templated key-expiry document ,
edited in $EDITOR, and then cross-signed

I may even take a stab at this myself once the GLEP is finalised, just
curious what people think.





-- 
Kent

perl -e  "print substr( \"edrgmaM  SPA NOcomil.ic\\@tfrken\", \$_ * 3,
3 ) for ( 9,8,0,7,1,6,5,4,3,2 );"

http://kent-fredric.fox.geek.nz