Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

DD Keys

User discussion about Debian Development, Debian Project News and Announcements. Not for support questions.
Locked
Message
Author
User avatar
craigevil
Posts: 5391
Joined: 2006-09-17 03:17
Location: heaven
Has thanked: 28 times
Been thanked: 39 times

DD Keys

#1 Post by craigevil »

5 years ago we started to get worried about the strength of the OpenPGP keys. In May 2009 I stated in a mail to d-d-a[0] that as a project we should be making an orderly move towards stronger keys but not at the expense of our Web of Trust.

In September 2009 I reminded[1] people to ensure they're new keys had a reasonable number of signatures before requesting replacement.

On October 1st 2010 we stopped[2] accepting new keys that were smaller than 2048 bits to the Debian keyrings.

This year, in March[3], we stated that while we were not yet doing a mass removal we were aggressively deprecating the use of 1024 bit keys.

Earlier this week I sent emails directly to the 650+ Debian Developers and Debian Maintainers who still have keys less than 2048 bits in our keyrings. This informed them that their key will be removed from the relevant keyring at the end of the year (31st December 2014).

I am pleased to report that we have already seen 40+ requests for replacement submitted to RT as a result, and expect to see more during the weeks after DebConf. I would ask that DDs make some effort to help those with weak keys get their new, stronger keys signed. Please sign responsibly[4], this is an opportunity for us to improve our web of trust.

J, on behalf of keyring-maint.

[0] https://lists.debian.org/debian-devel-a ... 00005.html [1] https://lists.debian.org/debian-devel-a ... 00011.html [2] https://lists.debian.org/debian-devel-a ... 00003.html [3] https://lists.debian.org/debian-devel-a ... 00003.html [4] http://xkcd.com/364/

--/-\ | We fear change. |@/ Debian GNU/Linux Developer | \- |
Raspberry PI 400 Distro: Raspberry Pi OS Base: Debian Sid Kernel: 5.15.69-v8+ aarch64 DE: MATE Ram 4GB
Debian - "If you can't apt install something, it isn't useful or doesn't exist"
My Giant Sources.list

Locked