[LCA2015-Chat] keysigning party

Fraser Tweedale frase at frase.id.au
Wed Dec 17 22:09:41 EST 2014


On Wed, Dec 17, 2014 at 09:36:25PM +1100, Aníbal Monsalve Salazar wrote:
> On Tue, 2014-12-16 21:20:32 +1300, Lin Nah wrote:
> > On Tue, Dec 16, 2014 at 8:40 PM, Fraser Tweedale <frase at frase.id.au> wrote:
> > 
> >> I will facilitiate a keysigning party during linux.conf.au 2015.
> >> Date and details will be sorted out in coming weeks but in the
> >> meantime please submit your keys at https://frase.id.au/lca2015 .
> > 
> > FYI Daniel Sobey started this page on the lca2015 wiki.
> > https://linux.conf.au/wiki/keysigning
> > 
> > P.S. a plug for my graphical OpenPGP signing assistant, gcaff:
> >>      https://github.com/frasertweedale/gcaff
> 
> Hello Fraser,
> 
> May I suggest to include *only* 4K (or larger) RSA keys for the LCA2015
> keysigning party?
> 
> For the keysigning party during DebConf 2014 in Portland, we decided to
> not accept DSA keys, as they are now considered weak.
> 
> http://plog.sesse.net/blog/tech/2008-05-14-17-21_some_maths.html
> 
> The webpage above describe some maths about two DSA attacks. The one
> below is about best practices for your key,
> 
> https://help.riseup.net/en/security/message-security/openpgp/best-practices
> 
> Cheers,
> 
> Aníbal

Hi Anibal, thanks for your suggestion.

The first step is for someone to write a patch for pgpsubmit[1] to
optionally restrict the types/sizes of keys that can be submitted :)
I do not have time to do this at the moment.

I will add a note on the wiki urging people to avoid DSA or weaker
RSA keys (and link the above riseup resource).

[1] https://github.com/frasertweedale/pgpsubmit

Cheers,

Fraser
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.lca2015.linux.org.au/pipermail/chat/attachments/20141217/a5ee0b21/attachment.sig>


More information about the Chat mailing list