You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by bu...@apache.org on 2013/02/17 16:12:22 UTC
svn commit: r850854 - in /websites/staging/isis/trunk: cgi-bin/ content/
content/contributors/key-generation.html
Author: buildbot
Date: Sun Feb 17 15:12:22 2013
New Revision: 850854
Log:
Staging update by buildbot for isis
Modified:
websites/staging/isis/trunk/cgi-bin/ (props changed)
websites/staging/isis/trunk/content/ (props changed)
websites/staging/isis/trunk/content/contributors/key-generation.html
Propchange: websites/staging/isis/trunk/cgi-bin/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sun Feb 17 15:12:22 2013
@@ -1 +1 @@
-1446872
+1447032
Propchange: websites/staging/isis/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sun Feb 17 15:12:22 2013
@@ -1 +1 @@
-1446872
+1447032
Modified: websites/staging/isis/trunk/content/contributors/key-generation.html
==============================================================================
--- websites/staging/isis/trunk/content/contributors/key-generation.html (original)
+++ websites/staging/isis/trunk/content/contributors/key-generation.html Sun Feb 17 15:12:22 2013
@@ -3,7 +3,7 @@
<head>
<meta charset="utf-8">
- <title>Key Generation
</title>
+ <title>Key Generation</title>
<meta name="description" content="">
<meta name="author" content="">
@@ -112,7 +112,7 @@
};
function twshare () {
window.open(
- "https://twitter.com/intent/tweet?url="+document.URL+"&text=Key Generation
",
+ "https://twitter.com/intent/tweet?url="+document.URL+"&text=Key Generation",
'Share on Twitter',
'width=800,height=526');
};
@@ -232,7 +232,7 @@
<div class="page-header">
<p><a href="./../documentation.html">Docs</a> » <a href="./../contributors/about.html">Contributors</a></p>
-<h1>Key Generation
+<h1>Key Generation
</h1>
</div>
@@ -393,19 +393,21 @@ gpg> showpref
gpg>
</pre>
-<p>The Digest line should list SHA-512 first and SHA-1 last.</p>
+<p>The Digest line should list SHA-512 first and SHA-1 last. If it doesn't, use the "setpref" command:</p>
+
+<pre>
+setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
+</pre>
<p>Finally, remember to take a backup of your key and the keyring (ie, backup the <code>.gnupg</code> directory and its contents).</p>
<h2>Subkey Generation</h2>
-<p>It's recommended to use a subkey with an expiry date to sign releases, rather than your main, non-expiring key. If a subkey is present, then gpg will use it for signing in preference to the main key.</p>
-
-<p><div class="note"></p>
-
-<p>After (binary) release artifacts are created, they are deployed to the ASF's Nexus staging repository. However, Nexus seems unable to retrieve a subkey from the public key server. Until we find a fix/workaround for this, all releases should be signed just with a regular non-expiring main key.</p>
+<p>It's recommended to use a subkey with an expiry date to sign releases, rather than your main, non-expiring key. If a subkey is present, then gpg will use it for signing in preference to the main key.
+<div class="note"></p>
-<p></div></p>
+<p>After (binary) release artifacts are created, they are deployed to the ASF's Nexus staging repository. However, Nexus seems unable to retrieve a subkey from the public key server. Until we find a fix/workaround for this, all releases should be signed just with a regular non-expiring main key.
+</div></p>
<p>To create a subkey Enter the gpg shell using (the identifier of) your main key:</p>
@@ -433,13 +435,11 @@ Please select what kind of key you want:
Your selection?
</pre>
-<p>Select (6) to choose an RSA key for encryption:</p>
+<p>Select (6) to choose an RSA key for encryption:
+<div class="note"></p>
-<p><div class="note"></p>
-
-<p>It would seem that Nexus repository manager does not recognize RSA subkeys with an 'S'ign usage; see this discussion on a mailing list and this issue on Sonatype's JIRA</p>
-
-<p></div></p>
+<p>It would seem that Nexus repository manager does not recognize RSA subkeys with an 'S'ign usage; see this discussion on a mailing list and this issue on Sonatype's JIRA
+</div></p>
<pre>
Your selection? 6
@@ -561,13 +561,11 @@ your machine might store the data and ma
<p>Specify reason as "3 = Key is no longer used"</li>
</ul>
-<p>Backup these files also.</p>
-
-<p><div class="note"></p>
-
-<p>if you find that you need to revoke your certificate, this blog post explains how.</p>
+<p>Backup these files also.
+<div class="note"></p>
-<p></div></p>
+<p>if you find that you need to revoke your certificate, this blog post explains how.
+</div></p>
<h2>Publish Key</h2>