[LCA2015-Chat] keysigning party
Fraser Tweedale
frase at frase.id.au
Wed Dec 17 22:09:41 EST 2014
On Wed, Dec 17, 2014 at 09:36:25PM +1100, Aníbal Monsalve Salazar wrote:
> On Tue, 2014-12-16 21:20:32 +1300, Lin Nah wrote:
> > On Tue, Dec 16, 2014 at 8:40 PM, Fraser Tweedale <frase at frase.id.au> wrote:
> >
> >> I will facilitiate a keysigning party during linux.conf.au 2015.
> >> Date and details will be sorted out in coming weeks but in the
> >> meantime please submit your keys at https://frase.id.au/lca2015 .
> >
> > FYI Daniel Sobey started this page on the lca2015 wiki.
> > https://linux.conf.au/wiki/keysigning
> >
> > P.S. a plug for my graphical OpenPGP signing assistant, gcaff:
> >> https://github.com/frasertweedale/gcaff
>
> Hello Fraser,
>
> May I suggest to include *only* 4K (or larger) RSA keys for the LCA2015
> keysigning party?
>
> For the keysigning party during DebConf 2014 in Portland, we decided to
> not accept DSA keys, as they are now considered weak.
>
> http://plog.sesse.net/blog/tech/2008-05-14-17-21_some_maths.html
>
> The webpage above describe some maths about two DSA attacks. The one
> below is about best practices for your key,
>
> https://help.riseup.net/en/security/message-security/openpgp/best-practices
>
> Cheers,
>
> Aníbal
Hi Anibal, thanks for your suggestion.
The first step is for someone to write a patch for pgpsubmit[1] to
optionally restrict the types/sizes of keys that can be submitted :)
I do not have time to do this at the moment.
I will add a note on the wiki urging people to avoid DSA or weaker
RSA keys (and link the above riseup resource).
[1] https://github.com/frasertweedale/pgpsubmit
Cheers,
Fraser
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.lca2015.linux.org.au/pipermail/chat/attachments/20141217/a5ee0b21/attachment.sig>
More information about the Chat
mailing list