From: Rich Freeman <rich0@gentoo.org>
To: gentoo-project@lists.gentoo.org
Subject: Re: [gentoo-project] Re: [gentoo-dev] Manifest signing
Date: Thu, 29 Sep 2011 11:48:48 -0400
Message-ID: <CAGfcS_mYwYTpqqQuYvcvF6cUE1_iQb7npKcqMnzz13hx9Gkxvw@mail.gmail.com>
In-Reply-To: <4E848ABF.7060308@gentoo.org>
On Thu, Sep 29, 2011 at 11:11 AM, Patrick Lauer <patrick@gentoo.org> wrote:
> Otherwise some funny person will use a 4-bit key that expires tomorrow
> just to point out the missing details ...
>
<div mode=rant>
I think this is becoming a big problem with Gentoo. There is
something to be said for planning, but I think we have a tendency to
bikeshed things to death before we do ANYTHING.
All because when somebody goes and uses a 4-bit key we feel some kind
of paralysis about taking action. People that take obvious steps to
skirt policies should simply be disciplined. I'm not talking about
the guy with an old 512-bit key or whatever, or people that change
after being asked nicely to do so. When it is obvious that people are
just messing with the distro to prove a point then they are excluding
themselves from the community.
We allow ourselves to be held hostage to anybody who can find a
loophole in the rules, and that just leads to 40 bazillion rules and
refusal to move forward until we have at least 50 rules to start with.
If a rule is stupid just say it. If you think a council member who
voted for it is stupid, be polite but call them on it. What we don't
do is just ignore the rules, or try to end-run them.
</div>
I'd just encourage the council to not wait for the perfect
specification to move forward with this or anything else. I applaud
efforts like PMS and I think they add value. However, specs/rules are
a tool to serve the community, and not enslave us.
Why not just keep this simple:
1. Key >= 1024 bits.
2. Validity >= 6 months.
3. Signature readable by stable gpg in tree.
Rich
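
Rules 1 and 2 of the proposal above, written as a check over `gpg --with-colons --list-keys` output. This is an added example, not part of the original message or of any Gentoo tooling. It assumes "validity" means the lifetime set on the key (expiry minus creation), takes six months as 182 days, and uses constructed key records; rule 3 is not checked.

```python
from datetime import datetime, timedelta, timezone

MIN_BITS = 1024                     # rule 1 from the message
MIN_VALIDITY = timedelta(days=182)  # rule 2; "6 months" as 182 days (assumption)

# Constructed sample in gpg's colon-delimited record layout:
# type:validity:bits:algo:keyid:created:expires:...
SAMPLE = """\
pub:u:4096:1:AAAAAAAAAAAAAAA1:1293840000:1609459200::u:::scESC:
uid:u::::1293840000::0000::Constructed Dev <dev@example.org>:
pub:u:512:1:AAAAAAAAAAAAAAA2:1293840000:::u:::scESC:
pub:u:2048:1:AAAAAAAAAAAAAAA3:1314835200:1317427200::u:::scESC:
"""

def _ts(field):
    """Parse a date field: epoch seconds, or YYYY-MM-DD from older gpg."""
    if field.isdigit():
        return datetime.fromtimestamp(int(field), tz=timezone.utc)
    return datetime.strptime(field, "%Y-%m-%d").replace(tzinfo=timezone.utc)

def check_keys(colon_listing):
    """Return {keyid: [violations]} for every primary key (pub record)."""
    results = {}
    for line in colon_listing.splitlines():
        f = line.split(":")
        if f[0] != "pub" or len(f) < 7:
            continue  # only primary keys are checked; uid/sub records skipped
        keyid, bits = f[4], int(f[2])
        problems = []
        if bits < MIN_BITS:
            problems.append(f"key length {bits} < {MIN_BITS} bits")
        if f[6]:  # an empty expiry field means the key never expires
            lifetime = _ts(f[6]) - _ts(f[5])
            if lifetime < MIN_VALIDITY:
                problems.append(
                    f"validity {lifetime.days} days < {MIN_VALIDITY.days} days")
        results[keyid] = problems
    return results

if __name__ == "__main__":
    for keyid, problems in check_keys(SAMPLE).items():
        print(keyid, "OK" if not problems else "; ".join(problems))
```
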
Thread overview: 18+ messages
[not found] <4E848879.2050100@gentoo.org>
2011-09-29 15:04 ` [gentoo-project] Re: [gentoo-dev] Manifest signing Tony "Chainsaw" Vroon
2011-09-29 15:11 ` Patrick Lauer
2011-09-29 15:48 ` Rich Freeman [this message]
2011-09-29 16:09 ` Tony "Chainsaw" Vroon
2011-09-29 16:18 ` Anthony G. Basile
2011-09-29 16:31 ` Mike Frysinger
2011-09-29 16:59 ` Mr. Aaron W. Swenson
2011-09-29 17:17 ` Mike Frysinger
2011-09-29 16:23 ` Mike Frysinger
2011-09-29 16:36 ` Anthony G. Basile
2011-09-29 16:38 ` Anthony G. Basile
2011-09-29 16:48 ` Mr. Aaron W. Swenson
2011-09-29 17:26 ` Mike Frysinger
2011-09-29 17:56 ` Mr. Aaron W. Swenson
2011-09-29 16:28 ` Ciaran McCreesh
2011-09-29 19:43 ` Robin H. Johnson
2011-09-29 20:00 ` Markos Chandras
2011-09-29 20:57 ` Robin H. Johnson