From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 17BEF1389F0 for ; Wed, 13 Feb 2013 08:47:10 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id C7B34E0262; Wed, 13 Feb 2013 08:47:06 +0000 (UTC) Received: from mail-ie0-f177.google.com (mail-ie0-f177.google.com [209.85.223.177]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 51EC9E01C9 for ; Wed, 13 Feb 2013 08:47:05 +0000 (UTC) Received: by mail-ie0-f177.google.com with SMTP id 16so1364686iea.22 for ; Wed, 13 Feb 2013 00:47:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:reply-to:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=OKQBIPDsPO9vDL9pDTNSeIKv8i0jfr2tVM+oSWBnQuA=; b=kxDJhGDlN3dgUrB7xbuF93fIFszVhzvAA5BJ0pEOGCMHUaEnT8+S78xzYHfkrma7R/ Nue6+idXHfprEWlX+3kiU7enzbWHWCY0W1Envbq+dIcPrN3b8m/0+0Wm26ZhnLGH0NUX BCCu21JdxBE0UDuMfI0RTVoarWf0V2rcUV1NblVZW9HRmUFU/Xq06ALx/IuFbMellRpD w2zCQdKfV0pnaD0nHMttgllkBubFIeJmg75mpW/RTiS/fS80OjruhYgUaR7f2i1coxmm hTXot8rm4oLNJeaPsUbBhW3qMlIoJjR5EGIgLnmW+zoqkRRITwBuRf1cPMAdtIVfK4Uz dy3g== Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 X-Received: by 10.50.189.193 with SMTP id gk1mr9586004igc.87.1360745224507; Wed, 13 Feb 2013 00:47:04 -0800 (PST) Sender: yngwin@gmail.com Received: by 10.64.52.166 with HTTP; Wed, 13 Feb 2013 00:47:04 -0800 (PST) In-Reply-To: <511B3BBB.8000804@gentoo.org> References: <20130212211415.GA4364@linux1> <511ACC63.7000500@gentoo.org> <511B3BBB.8000804@gentoo.org> Date: Wed, 13 Feb 2013 16:47:04 +0800 X-Google-Sender-Auth: jKNXh1a6uqVhJVq0iQ-vjY_ZwcU Message-ID: Subject: Re: [gentoo-dev] Re: [gentoo-dev-announce] please sign your manifests From: Ben de Groot To: gentoo-dev@lists.gentoo.org Content-Type: text/plain; charset=UTF-8 X-Archives-Salt: e3a5031c-7234-4d25-be1d-ce0e05d66831 X-Archives-Hash: ee5d3e05cd99c1d668cf6e4b87162c39 On 13 February 2013 15:07, Michael Weber wrote: > On 02/13/2013 12:28 AM, Robin H. Johnson wrote: >> On Wed, Feb 13, 2013 at 12:12:35AM +0100, Michael Weber wrote: >>> On 02/12/2013 10:14 PM, William Hubbs wrote: >>>> If you have any questions on this, please feel free to let us >>>> know. >>> What is the rotation strategy for (near) outdated keys? >>> Alter the key or create a new one? Sign the new with the old one? >> If your keysize is still good, you should ideally update the expiry on >> the key and re-upload it to keyservers. > Can you commit this to the document, please? > >>> IMHO the answer to these questions is not obvious nor given by (our) >>> docu [1]. >> I'm pretty sure it was in the devrel developer handbook at one point, >> along with instructions to create your key, but I can't find it now. >> >>> Maybe, add "keep ldap id/fingerprint synchronized" there, too. >> http://www.gentoo.org/proj/en/infrastructure/ldap.xml#doc_chap3 > That does tell how to update the data, but does not suggest to do so. > > My main concern is the cross-referencing of our documentation. > I'm aware that there is a ton of documentation splattered all over the > place > and outside our infra. > But besides the "non-trivial" step to become a dev (as mentioned last week) > there is a certain non-trivial step to keep one, esp. by gathering the > non-routine informations and fast-forward developments. All pertinent information should be in the devmanual. If it's not, then this omission should be fixed as soon as possible. There is no reason to keep this scattered over multiple locations. -- Cheers, Ben | yngwin Gentoo developer Gentoo Qt project lead, Gentoo Wiki admin