You are viewing a plain text version of this content. The canonical link for it is here.
Posted to community@apache.org by Robert Burrell Donkin <rd...@apache.org> on 2009/08/11 14:39:32 UTC
[OpenPGP] Moving Away From DSA and SHA-1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
with ApacheConUS only three months away, we really need to start
planning how apache can move away from short keys (DSA and RSA < 2048)
and weak WOT links (SHA-1)[1]. the consensus on infra was that this is
the best list for this discussion. if it happens to get too busy then a
new list can be created.
the first step needs to be updating the documents so that new release
managers know how to set up and use GnuPG[2] to generate keys unlikely
to need changing in the next couple of years. i'll start a thread over
on site dev to cover this.
the first question for discussion is recommended key length. 2048 is the
minimum safe size for new keys but only just. for keys used to sign
releases, 4096 is more credible today. 8192 bit keys are possible with
GnuPG[3] but are fiddly and - in older tools - support may be patchy.
going for 4096 would mean a second transition before 2015 but the next
generation (SHA-3 and next generation of OpenPGP) should be available by
then.
consensus on infra was to go for 4096 but if anyone knows any good
reasons to go for some other value, please jump in.
- - robert
[1]
http://www.jroller.com/robertburrelldonkin/entry/release_distribution_renewing_the_web
[2] http://www.gnupg.org
[3] http://www.jroller.com/robertburrelldonkin/entry/gnupg_8192bit_rsa_keys
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKgWaEAAoJEHl6NpRAqILLzzQP/RI/ZpkauHrLMzW48lNRsmUc
h9a4HJ1WXL6eESSbJK9rawPxrAvG/p3rbH3TTixIkwLPz8BQDuG8kxmTHn8LDlGg
/YLZbDtgFpF3SElGn1MbzldI48DTgw/JXa4opVHi/gvSAoA72+P7td5D12YiA+6R
Urr6I8hcDOdHRfDsXPHbu5MLh4S//vVgrdOXahLqwzwJK0GCdsjJ88RGJgPXrWfH
abfzKY3jGUheLtIJUbQiMI2IKA5VrCK+WMXoWxnqnnxL6JDQUGXfpai5dxoRy22D
wcv6UN+FIUF8OCBymYRXMcngwczYDkYkUyrVEjOSlnmtC4rHKq/wZGtn3VJGSCEf
hLoSC+aZ+HLHxK5pA0ZxRs4IFhMtTijV5ng6VA1aOPW0N1ySIUd7fgAO7QpksCcL
84LZMAzstH48Ce2Zzrj8oJ5NLYIR531Mh0C7N/JRkUdPLTXDByvXBTJ9uRXoRw6v
a1IexoewUxXfAcR2Yi0lVtkL9ZBVWMm/caXpSqLHKxFvQND71dWg+7UsfJR057c3
CP5bwJIp4dANLOeYa6kj07b+Xu2ZutKBAdZWSH/u3lx1Grh3apq1gbGmdoyKyLyj
d4px2wyB6oWS5C3ZEdAG8oy9QC1LERgnqTt7kMGMNl5j8E1AAMsPTw7laULss1S1
itF2Nys9bJZA1dfQTx7B
=w79Q
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Robert Burrell Donkin <rd...@apache.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
sebb wrote:
> On 11/08/2009, Robert Burrell Donkin <rd...@apache.org> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> with ApacheConUS only three months away, we really need to start
>> planning how apache can move away from short keys (DSA and RSA < 2048)
>> and weak WOT links (SHA-1)[1]. the consensus on infra was that this is
>> the best list for this discussion. if it happens to get too busy then a
>> new list can be created.
>>
>> the first step needs to be updating the documents so that new release
>> managers know how to set up and use GnuPG[2] to generate keys unlikely
>> to need changing in the next couple of years. i'll start a thread over
>> on site dev to cover this.
>>
>> the first question for discussion is recommended key length. 2048 is the
>> minimum safe size for new keys but only just. for keys used to sign
>> releases, 4096 is more credible today. 8192 bit keys are possible with
>> GnuPG[3] but are fiddly and - in older tools - support may be patchy.
>> going for 4096 would mean a second transition before 2015 but the next
>> generation (SHA-3 and next generation of OpenPGP) should be available by
>> then.
>
> Perhaps the new keys should have an expiration date of 2015 (or earlier)?
probably a good idea. expiry dates can be changed on keys so it's just a
useful reminder.
- - robert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKgY3wAAoJEHl6NpRAqILL5Q4P/RuxsSgi9yfdrmvkSCEpF8v1
Vxk13D2pddSdyUt1oyCapfGQcQAGDi3PV588YsD06tVIc1rU+SbDkxPrNUNdtU3Z
/sjEyltHZeqyszMv+WdkieddlhUrStdOjP22Fr5rIDvXmPKsBzqPgdbHuN5jLJ0x
ZhbQAtlGEx/M8OHmxJJe8zgcUdPySrzZdLVXxsJaG+k7AkLRyeCllGzdaXICxOnP
YZ+lTg+YiqSDsE3nb6OKy2OYUuZp+VoX/8TYzFXC1JnLXOmkOw2j7fffPd/t61gn
EW/MZEnJ5dzdqzzQdCFm/q7D+x5JCv4HkPAMXXzXUvN5D83ROS2ZusJL36J/TuDv
jTfGd5M74oiLL39vG1M02S/CW/WHt+GpLiyet+Gfx21S5zk+NudJ86ooGnLEQjCW
ItS1Rtey8wQlKE1ilf3D7YyiWm0gmegzUJGzCnGvVVRRteCO/3GgYpAU5Ah+Zf6r
X5DptU8nFTJjTwtrr6G4XoBrYU5DcE9xEQFW5dlRKWaalySd5OHzw4QYnuyeN43E
eUtwjnhtGbx4A2KG7/mhFcW85PUl6qHrXDU4pU2qo3DJ0f/NGRAa7ysjKhzq+1W3
V9BCNgiGTN5a12PNxI1CWvGs0hgfHEswBOYkBuc5gd9EYTHKgxYCCprypJVVoLcD
CA545FfSgBIf6m28+nKb
=pMAR
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by sebb <se...@gmail.com>.
On 11/08/2009, Robert Burrell Donkin <rd...@apache.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> with ApacheConUS only three months away, we really need to start
> planning how apache can move away from short keys (DSA and RSA < 2048)
> and weak WOT links (SHA-1)[1]. the consensus on infra was that this is
> the best list for this discussion. if it happens to get too busy then a
> new list can be created.
>
> the first step needs to be updating the documents so that new release
> managers know how to set up and use GnuPG[2] to generate keys unlikely
> to need changing in the next couple of years. i'll start a thread over
> on site dev to cover this.
>
> the first question for discussion is recommended key length. 2048 is the
> minimum safe size for new keys but only just. for keys used to sign
> releases, 4096 is more credible today. 8192 bit keys are possible with
> GnuPG[3] but are fiddly and - in older tools - support may be patchy.
> going for 4096 would mean a second transition before 2015 but the next
> generation (SHA-3 and next generation of OpenPGP) should be available by
> then.
Perhaps the new keys should have an expiration date of 2015 (or earlier)?
> consensus on infra was to go for 4096 but if anyone knows any good
> reasons to go for some other value, please jump in.
>
> - - robert
>
> [1]
> http://www.jroller.com/robertburrelldonkin/entry/release_distribution_renewing_the_web
> [2] http://www.gnupg.org
> [3] http://www.jroller.com/robertburrelldonkin/entry/gnupg_8192bit_rsa_keys
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQIcBAEBAgAGBQJKgWaEAAoJEHl6NpRAqILLzzQP/RI/ZpkauHrLMzW48lNRsmUc
> h9a4HJ1WXL6eESSbJK9rawPxrAvG/p3rbH3TTixIkwLPz8BQDuG8kxmTHn8LDlGg
> /YLZbDtgFpF3SElGn1MbzldI48DTgw/JXa4opVHi/gvSAoA72+P7td5D12YiA+6R
> Urr6I8hcDOdHRfDsXPHbu5MLh4S//vVgrdOXahLqwzwJK0GCdsjJ88RGJgPXrWfH
> abfzKY3jGUheLtIJUbQiMI2IKA5VrCK+WMXoWxnqnnxL6JDQUGXfpai5dxoRy22D
> wcv6UN+FIUF8OCBymYRXMcngwczYDkYkUyrVEjOSlnmtC4rHKq/wZGtn3VJGSCEf
> hLoSC+aZ+HLHxK5pA0ZxRs4IFhMtTijV5ng6VA1aOPW0N1ySIUd7fgAO7QpksCcL
> 84LZMAzstH48Ce2Zzrj8oJ5NLYIR531Mh0C7N/JRkUdPLTXDByvXBTJ9uRXoRw6v
> a1IexoewUxXfAcR2Yi0lVtkL9ZBVWMm/caXpSqLHKxFvQND71dWg+7UsfJR057c3
> CP5bwJIp4dANLOeYa6kj07b+Xu2ZutKBAdZWSH/u3lx1Grh3apq1gbGmdoyKyLyj
> d4px2wyB6oWS5C3ZEdAG8oy9QC1LERgnqTt7kMGMNl5j8E1AAMsPTw7laULss1S1
> itF2Nys9bJZA1dfQTx7B
> =w79Q
> -----END PGP SIGNATURE-----
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: community-unsubscribe@apache.org
> For additional commands, e-mail: community-help@apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Robert Burrell Donkin <rd...@apache.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
William A. Rowe, Jr. wrote:
> Jukka Zitting wrote:
>> Hi,
>>
>> On Tue, Aug 11, 2009 at 4:09 PM, Rich Bowen<rb...@rcbowen.com> wrote:
>>> Is it possible to regenerate my gpg key without losing all the signatures on
>>> my existing key?
>> To bootstrap the new key, you could sign it with your old key.
>>
>> Not sure if that should be enough for others to trust that it came
>> from you even without a F2F keysigning party.
for the moment, yes
once 1024 bit keys become generally untrusted, no
this is the big advantage of a measure transition: having to purge your
only key when DSA is conclusively broken will be a PITA
> Signed with Ultimate trust, it should be enough. You can have multiple
> private keys in place so enigmail and other programs will still decrypt
> all of your artifacts. But you should have people sign the new key (and
> we can do so, trusting that you-were-you, and your new key has ultimate
> trust from the key we already signed).
>
> E.g. my old key is still valid, not yet revoked, but used far too often for
> far too many artifacts. So I rolled a 10 year (you might want it to be
> forever) master key, and just roll some one or two year encryption and
> signing keys to use for 'a while'.
>
> The nice bit, people sign your master key. You sign your subordinate
> keys for various purposes, creating new ones whenever you want. So no
> more need to get new keys signed.
this is the setup i'm using ATM
- - robert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKgr0pAAoJEHl6NpRAqILLQewP/jEaNbFJ3M9MjzSfKir0N1T/
qKLDPkO+tfU6tkq/ywr2j10QJkTm4G23AUMiEMHA0AMmg8mz0QhPb+WiuVxMm+9S
Sl0mgbhtn/ZOKd9SrctksDqThq3N03we+OtIkSJ5WJkjqxl8umkZhSaIyJWluFrs
a8JVLrmYLs4niUAtJ2o5QJZbWHrf5W0QRCtx5Kh7g/PtXuooNYNphh8OBty4N56y
mzv3QwmILlaoiMxwYW/UOBH4Jq7lzpIF+xC3Eqh8Pa+KXd2034nW/3lQnqi5aEbj
81iT3BYWrADIszurr2xvOnbDNrTxnhSCT1aXFFhAPpRBumrvvudtTOL2FHmLbqOu
36AztnlGIyAO+ho48AEybx1GuSLO/BkBaeiWTGrkEtv4gZiSvWwWooFjp/gbYpIJ
+gwWiBuUH3FBdAN7YAb7il4bH9L/Iip0hxWtDhq63FM6qlKgKoiDB/fG0h7Gl5M8
MFozOk8GBMF5sJJvmEfcqC691am5rHYO5KWYBuiEl2Bc9BJQC/rdwwggk2o8V9uP
n1bw4jwrwR9YsO9aLEHgNiCAh0xq1MD57HbeFNLstBy9HtQto8VAisHh6rF8qPYA
0+RwdnSBiKaJMiMPzOrts/XEC41CMb3FqLWHrMUp9Y8cY6qSaGrWFcZHLdsKireg
hL6yTDt0cgiSqUbi4JZm
=1Zsv
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by "William A. Rowe, Jr." <wr...@rowe-clan.net>.
Jukka Zitting wrote:
> Hi,
>
> On Tue, Aug 11, 2009 at 4:09 PM, Rich Bowen<rb...@rcbowen.com> wrote:
>> Is it possible to regenerate my gpg key without losing all the signatures on
>> my existing key?
>
> To bootstrap the new key, you could sign it with your old key.
>
> Not sure if that should be enough for others to trust that it came
> from you even without a F2F keysigning party.
Signed with Ultimate trust, it should be enough. You can have multiple
private keys in place so enigmail and other programs will still decrypt
all of your artifacts. But you should have people sign the new key (and
we can do so, trusting that you-were-you, and your new key has ultimate
trust from the key we already signed).
E.g. my old key is still valid, not yet revoked, but used far too often for
far too many artifacts. So I rolled a 10 year (you might want it to be
forever) master key, and just roll some one or two year encryption and
signing keys to use for 'a while'.
The nice bit, people sign your master key. You sign your subordinate
keys for various purposes, creating new ones whenever you want. So no
more need to get new keys signed.
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Jukka Zitting <ju...@gmail.com>.
Hi,
On Tue, Aug 11, 2009 at 4:09 PM, Rich Bowen<rb...@rcbowen.com> wrote:
> Is it possible to regenerate my gpg key without losing all the signatures on
> my existing key?
To bootstrap the new key, you could sign it with your old key.
Not sure if that should be enough for others to trust that it came
from you even without a F2F keysigning party.
BR,
Jukka Zitting
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Robert Burrell Donkin <rd...@apache.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Roy T. Fielding wrote:
> On Aug 11, 2009, at 8:24 AM, Robert Burrell Donkin wrote:
>> 1024 bit keys and SHA-1 links are currently considered safe so there's
>> no reason to believe that apache keys have been compromised. transition
>> statements [1] in a trusted location will probably be good enough to
>> convince most people to re-sign. but we'd need to think carefully about
>> a sufficient secure infrastructure before recommending this.
>
> There is nothing wrong with the existing keys. There is no danger
> of any compromise, even by brute-force attack. Our signatures are
> used for verification, not privacy, and in any case the "schedule"
> for key sizes becoming weak is based on speculation. There is no
> evidence to suggest that anyone has managed to find a specific
> private key to match a given 1024-bit public key.
the weakness with 1024 bit keys is that they have to use SHA-1 which is
now looking vulnerable. this issues effects both the WOT and signing but
not encryption.
i agree that the key size estimates beyond 2048 are just speculation. no
one really knows whether 4096 will be found to be too weak before SHA-3
is finalised. it is clear that 4096 is a better size for new keys than
2048.
> Quite frankly, I think that this effort to purge 1024 bit keys will
> simply make PGP useless for verifications, since PGP without the
> web of trust is a friggin waste of time. What people should do is
> increase the default key size for new keys and just be happy that
> anyone uses PGP/GPG at all.
this isn't about a purge but an orderly transition whilst there's time
to do that. if it were just encryption i'd agree that it's a waste of time.
the problem is that the WOT uses SHA-1. if people act whilst SHA-1 can
still be reasonably trusted then the WOT can be re-established
relatively easily. every SHA-1 link between weaker keys can be replaced
by a SHA-512 link between stronger keys. if it's broken before we start
the transition it will be much more difficult.
- - robert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKgrl4AAoJEHl6NpRAqILLgG0P/1LYdFIDKSvQW9k3ERsX6qEC
yqbDvX+wW4xK2HtkoVO/JLQ95QT8QsgTsmYz1SHaRebn4DERejF16WXji7k34vJY
GpUUweGm68MKeUBpMZhNPeT6lV+ytbwkO983xkmllYpqkCPF7q34FX/dDN/7y3uX
O5qtubz0bUCupIFvGPWmLTnlOIXBxbsoxaanf36oMk6vYL3HLOQxGOp66FAbgNdV
f7Ofl/PG+VDtIPFxeOuZmVIn5YX+EJiL0o2kTvhoBCgfj4cRoKJI6QUba7Ofzlq4
1UI1+qHeyrUl83i/OyjHPk8S9DiNnZ+z1JsTkA7r1PAdq5ZN3UW3XFPrgreQDlFk
y5oPpRqpAcWF5YS57KgLgp35bTxJhb1oi7uxvtv84If9K7TW+eecG+3OQJFu4J9F
S5iQ0IDd6uDZ/gApmApTZJyqAa4UWCqVLd9ySEiSLXOpE0pUfyo37c+2L1delBhg
UYUtcDbgF7x7P0ju7bNxomJ8Ibb5dUttinzGlD+kTfD5hpd6G6J9OkXXKR+Me0f4
5XjZqv5YJXure/Ujc+svEzOGDIUORqDznTT7Rut3iIpLhVpNDjnWiXw7tPtn9WDM
sZBLKTHLH6vRgfacrdkjSy278834o+0NOK5zO3Z2Udu0EbVwKDadelnwSP4NIPL0
G7CwOeSmCINhs1wJrFoe
=16P1
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by "Roy T. Fielding" <fi...@gbiv.com>.
On Aug 11, 2009, at 8:24 AM, Robert Burrell Donkin wrote:
> 1024 bit keys and SHA-1 links are currently considered safe so there's
> no reason to believe that apache keys have been compromised.
> transition
> statements [1] in a trusted location will probably be good enough to
> convince most people to re-sign. but we'd need to think carefully
> about
> a sufficient secure infrastructure before recommending this.
There is nothing wrong with the existing keys. There is no danger
of any compromise, even by brute-force attack. Our signatures are
used for verification, not privacy, and in any case the "schedule"
for key sizes becoming weak is based on speculation. There is no
evidence to suggest that anyone has managed to find a specific
private key to match a given 1024-bit public key.
Quite frankly, I think that this effort to purge 1024 bit keys will
simply make PGP useless for verifications, since PGP without the
web of trust is a friggin waste of time. What people should do is
increase the default key size for new keys and just be happy that
anyone uses PGP/GPG at all.
....Roy
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Robert Burrell Donkin <rd...@apache.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Rich Bowen wrote:
>
> On Aug 11, 2009, at 10:13, Tony Stevenson wrote:
>
>> You cannot retrospectively 'upgrade' your key, AIUI, at least.
>> So you will sadly lose all your signatures as you will need a new
>> key.
it should be possible to use a script to transfer them
>> Thankfully I created mine with a 4096 key length so I'm ok, but
>> I get impression many folks wont be.
>>
>> Get your key created now, and at Apachecon we will have to have a
>> large key signing party. :)
yes :-)
but we can probably do a little better than that
1024 bit keys and SHA-1 links are currently considered safe so there's
no reason to believe that apache keys have been compromised. transition
statements [1] in a trusted location will probably be good enough to
convince most people to re-sign. but we'd need to think carefully about
a sufficient secure infrastructure before recommending this.
we should really probably think about setting up some minimal
revocation infrastructure (subversion space plus mailing list, perhaps)
plus documentation while we're thinking about it...
> Pity.
>
> Also, there's the issue of being unable to read encrypted email I
> receive by the old key. But I suppose that I can deal with that on a
> case-by-case basis. And hardly anybody sends me encrypted email any more
> anyways.
the particular problem for apache is that it's the code signing usage
that has been broken by the SHA-1 collisions. it's safe to keep the old
key around to read encrypted email. personally speaking, i'd just delete
the signing private key and transfer the encryption subkey to the new
ring (setting an appropriate expiry date).
> Ok. Generating new key. I guess this is my chance to purge all of those
> former employer email addresses from my key, too.
there are some settings that need changing before you do. probably need
to upgrade to the latest version of GnuPG as well. i'm working on some
instructions which i'll tidy up and blog some time soon. it'd be great
if people could wait and alpha test the official apache documentation.
i have some instructions about replacing the existing uses at apache
which i'll tidy up and blog.
since the DSA keys are still considered safe ATM, i recommend retaining
both for a transitional period. the important point is to use the new,
longer key for signing.
- - robert
[1]
http://www.jroller.com/robertburrelldonkin/entry/openpgp_transition_statement
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKgY1CAAoJEHl6NpRAqILLL8oQAMNJk1Zy6e+zkbpqcYtE/x6N
lny/kYTMrnIM6xeewlFVUnLBkB9nIgYhrHaqCpQx3yRCh8ouUKzCFOWMNbCGZHxf
sOZmOOTHa36y0K+9+iJI38VFfT03wXoI3qGHcCT/AE04oSVSGKZE9wveb/0uPhjs
pNmcuvvaJ01urZioKnZw7H37b2kPLMowqtf+t+4w/NWy5iok1QKN50xW15yJDfnh
83D8EoW191Zbg9beba51WmdWzk3Wio/J3ngpM69LxmJTxYSs0BI5rK+cUaD/E5XF
XiDx7ZS7dAfHeRGGU47SVlmJ+IIf1BK2DCiP43cYKjZOJnP11C3p00Bytc+MyQ02
x+412rSZDyqEEL5odlYfFiwj7lWWw7dji4koeszJDNQtKdiC+VZX24TXYhQmLLhw
R53OCe6hW9l4hi903C+hJ9zXVwy+UMRRG6GkQ1tZt04H6Ag8yUSATCLoD0YrCzXe
M3ngr2wr3uPvxwyUftJ4KUYJyKdwrMvaUPDBNg+ruETpI47t/Ry6DJDzdT0OU5PF
UK+KPkmAWdc07RjkxzrtnAllsRVCLwHsu5FeOLvLBBYW8iHuZinfr/Ia0QTz245v
3BW+PFy78IAmJ38tF109mAD9idqM7TJI4uVtg6XyaaK9Gh+KenAGkf4JeAwU+Urw
j1ZLV+qgpTdVE9vOvYPG
=jBlm
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Tony Stevenson <to...@pc-tony.com>.
On 11 Aug 2009, at 15:25, Rich Bowen wrote:
>
> On Aug 11, 2009, at 10:13, Tony Stevenson wrote:
>
>> You cannot retrospectively 'upgrade' your key, AIUI, at least.
>> So you will sadly lose all your signatures as you will need a new
>> key. Thankfully I created mine with a 4096 key length so I'm ok,
>> but I get impression many folks wont be.
>>
>> Get your key created now, and at Apachecon we will have to have a
>> large key signing party. :)
>
>
> Pity.
>
> Also, there's the issue of being unable to read encrypted email I
> receive by the old key. But I suppose that I can deal with that on a
> case-by-case basis. And hardly anybody sends me encrypted email any
> more anyways.
>
It doesn't mean you cant still keep your old key for this purpose.
> Ok. Generating new key. I guess this is my chance to purge all of
> those former employer email addresses from my key, too.
You can delete identities from your keys without having to re-
generate. Most folks forget, but meh.
Cheers,
Tony
--------------------------------------------
Tony Stevenson
tony@pc-tony.com - pctony@apache.org
pctony@freenode.net - tony@caret.cam.ac.uk
http://blog.pc-tony.com
1024D/51047D66 ECAF DC55 C608 5E82 0B5E
3359 C9C7 924E 5104 7D66
--------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Rich Bowen <rb...@rcbowen.com>.
On Aug 11, 2009, at 10:13, Tony Stevenson wrote:
> You cannot retrospectively 'upgrade' your key, AIUI, at least.
> So you will sadly lose all your signatures as you will need a new
> key. Thankfully I created mine with a 4096 key length so I'm ok,
> but I get impression many folks wont be.
>
> Get your key created now, and at Apachecon we will have to have a
> large key signing party. :)
Pity.
Also, there's the issue of being unable to read encrypted email I
receive by the old key. But I suppose that I can deal with that on a
case-by-case basis. And hardly anybody sends me encrypted email any
more anyways.
Ok. Generating new key. I guess this is my chance to purge all of
those former employer email addresses from my key, too.
--
We are here and it is now.
Further than that all human knowledge is moonshine.
H.L.Mencken
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Tony Stevenson <to...@pc-tony.com>.
You cannot retrospectively 'upgrade' your key, AIUI, at least.
So you will sadly lose all your signatures as you will need a new
key. Thankfully I created mine with a 4096 key length so I'm ok, but
I get impression many folks wont be.
Get your key created now, and at Apachecon we will have to have a
large key signing party. :)
Tony
On 11 Aug 2009, at 15:09, Rich Bowen wrote:
> Is it possible to regenerate my gpg key without losing all the
> signatures on my existing key? I presume not, but perhaps there's
> something I'm missing. I have a 1024 bit key, and would like to be
> like the cook kids, but not lose ten years of signatures.
>
> On Aug 11, 2009, at 08:39, Robert Burrell Donkin wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> with ApacheConUS only three months away, we really need to start
>> planning how apache can move away from short keys (DSA and RSA <
>> 2048)
>> and weak WOT links (SHA-1)[1]. the consensus on infra was that this
>> is
>> the best list for this discussion. if it happens to get too busy
>> then a
>> new list can be created.
>>
>> the first step needs to be updating the documents so that new release
>> managers know how to set up and use GnuPG[2] to generate keys
>> unlikely
>> to need changing in the next couple of years. i'll start a thread
>> over
>> on site dev to cover this.
>>
>> the first question for discussion is recommended key length. 2048
>> is the
>> minimum safe size for new keys but only just. for keys used to sign
>> releases, 4096 is more credible today. 8192 bit keys are possible
>> with
>> GnuPG[3] but are fiddly and - in older tools - support may be patchy.
>> going for 4096 would mean a second transition before 2015 but the
>> next
>> generation (SHA-3 and next generation of OpenPGP) should be
>> available by
>> then.
>>
>> consensus on infra was to go for 4096 but if anyone knows any good
>> reasons to go for some other value, please jump in.
>>
>> - - robert
>>
>> [1]
>> http://www.jroller.com/robertburrelldonkin/entry/release_distribution_renewing_the_web
>> [2] http://www.gnupg.org
>> [3] http://www.jroller.com/robertburrelldonkin/entry/gnupg_8192bit_rsa_keys
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v2.0.11 (GNU/Linux)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>> iQIcBAEBAgAGBQJKgWaEAAoJEHl6NpRAqILLzzQP/RI/ZpkauHrLMzW48lNRsmUc
>> h9a4HJ1WXL6eESSbJK9rawPxrAvG/p3rbH3TTixIkwLPz8BQDuG8kxmTHn8LDlGg
>> /YLZbDtgFpF3SElGn1MbzldI48DTgw/JXa4opVHi/gvSAoA72+P7td5D12YiA+6R
>> Urr6I8hcDOdHRfDsXPHbu5MLh4S//vVgrdOXahLqwzwJK0GCdsjJ88RGJgPXrWfH
>> abfzKY3jGUheLtIJUbQiMI2IKA5VrCK+WMXoWxnqnnxL6JDQUGXfpai5dxoRy22D
>> wcv6UN+FIUF8OCBymYRXMcngwczYDkYkUyrVEjOSlnmtC4rHKq/wZGtn3VJGSCEf
>> hLoSC+aZ+HLHxK5pA0ZxRs4IFhMtTijV5ng6VA1aOPW0N1ySIUd7fgAO7QpksCcL
>> 84LZMAzstH48Ce2Zzrj8oJ5NLYIR531Mh0C7N/JRkUdPLTXDByvXBTJ9uRXoRw6v
>> a1IexoewUxXfAcR2Yi0lVtkL9ZBVWMm/caXpSqLHKxFvQND71dWg+7UsfJR057c3
>> CP5bwJIp4dANLOeYa6kj07b+Xu2ZutKBAdZWSH/u3lx1Grh3apq1gbGmdoyKyLyj
>> d4px2wyB6oWS5C3ZEdAG8oy9QC1LERgnqTt7kMGMNl5j8E1AAMsPTw7laULss1S1
>> itF2Nys9bJZA1dfQTx7B
>> =w79Q
>> -----END PGP SIGNATURE-----
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: community-unsubscribe@apache.org
>> For additional commands, e-mail: community-help@apache.org
>>
>
> --
> If you miss this moment
> You miss your life
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: community-unsubscribe@apache.org
> For additional commands, e-mail: community-help@apache.org
>
Cheers,
Tony
--------------------------------------------
Tony Stevenson
tony@pc-tony.com - pctony@apache.org
pctony@freenode.net - tony@caret.cam.ac.uk
http://blog.pc-tony.com
1024D/51047D66 ECAF DC55 C608 5E82 0B5E
3359 C9C7 924E 5104 7D66
--------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Rich Bowen <rb...@rcbowen.com>.
Is it possible to regenerate my gpg key without losing all the
signatures on my existing key? I presume not, but perhaps there's
something I'm missing. I have a 1024 bit key, and would like to be
like the cook kids, but not lose ten years of signatures.
On Aug 11, 2009, at 08:39, Robert Burrell Donkin wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> with ApacheConUS only three months away, we really need to start
> planning how apache can move away from short keys (DSA and RSA < 2048)
> and weak WOT links (SHA-1)[1]. the consensus on infra was that this is
> the best list for this discussion. if it happens to get too busy
> then a
> new list can be created.
>
> the first step needs to be updating the documents so that new release
> managers know how to set up and use GnuPG[2] to generate keys unlikely
> to need changing in the next couple of years. i'll start a thread over
> on site dev to cover this.
>
> the first question for discussion is recommended key length. 2048 is
> the
> minimum safe size for new keys but only just. for keys used to sign
> releases, 4096 is more credible today. 8192 bit keys are possible with
> GnuPG[3] but are fiddly and - in older tools - support may be patchy.
> going for 4096 would mean a second transition before 2015 but the next
> generation (SHA-3 and next generation of OpenPGP) should be
> available by
> then.
>
> consensus on infra was to go for 4096 but if anyone knows any good
> reasons to go for some other value, please jump in.
>
> - - robert
>
> [1]
> http://www.jroller.com/robertburrelldonkin/entry/release_distribution_renewing_the_web
> [2] http://www.gnupg.org
> [3] http://www.jroller.com/robertburrelldonkin/entry/gnupg_8192bit_rsa_keys
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQIcBAEBAgAGBQJKgWaEAAoJEHl6NpRAqILLzzQP/RI/ZpkauHrLMzW48lNRsmUc
> h9a4HJ1WXL6eESSbJK9rawPxrAvG/p3rbH3TTixIkwLPz8BQDuG8kxmTHn8LDlGg
> /YLZbDtgFpF3SElGn1MbzldI48DTgw/JXa4opVHi/gvSAoA72+P7td5D12YiA+6R
> Urr6I8hcDOdHRfDsXPHbu5MLh4S//vVgrdOXahLqwzwJK0GCdsjJ88RGJgPXrWfH
> abfzKY3jGUheLtIJUbQiMI2IKA5VrCK+WMXoWxnqnnxL6JDQUGXfpai5dxoRy22D
> wcv6UN+FIUF8OCBymYRXMcngwczYDkYkUyrVEjOSlnmtC4rHKq/wZGtn3VJGSCEf
> hLoSC+aZ+HLHxK5pA0ZxRs4IFhMtTijV5ng6VA1aOPW0N1ySIUd7fgAO7QpksCcL
> 84LZMAzstH48Ce2Zzrj8oJ5NLYIR531Mh0C7N/JRkUdPLTXDByvXBTJ9uRXoRw6v
> a1IexoewUxXfAcR2Yi0lVtkL9ZBVWMm/caXpSqLHKxFvQND71dWg+7UsfJR057c3
> CP5bwJIp4dANLOeYa6kj07b+Xu2ZutKBAdZWSH/u3lx1Grh3apq1gbGmdoyKyLyj
> d4px2wyB6oWS5C3ZEdAG8oy9QC1LERgnqTt7kMGMNl5j8E1AAMsPTw7laULss1S1
> itF2Nys9bJZA1dfQTx7B
> =w79Q
> -----END PGP SIGNATURE-----
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: community-unsubscribe@apache.org
> For additional commands, e-mail: community-help@apache.org
>
--
If you miss this moment
You miss your life
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Robert Burrell Donkin <rd...@apache.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Robert Burrell Donkin wrote:
> Robert Burrell Donkin wrote:
>> Henri Yandell wrote:
>>> Need to update http://www.apache.org/dev/release-signing.html to say
>>> 4096 asap I suspect :) Stop new people being lured into this problem.
>
> i've committed something (as a stopgap measure)
>
>> yes but...
>
>> key size isn't the direct cause of the problem: SHA-1 is
>
>> AIUI the OpenPGP WG assumed that the next generation hash algorithm (and
>> so the next OpenPGP revision) would be available before SHA-1 was
>> broken. this is now looking very unlikely.
>
>> so, new keys need to be generated using the latest tools with specific
>> settings (older tools and default settings typically try to force people
>> into the OpenPGP defaults for compatibility), and everyone (even those
>> with longer keys) need to upgrade their tools and adjust the settings.
>
>> we also need to ensure that we're setting up the infrastructure for an
>> orderly, measured transition rather than rushing to create a panic.
>
> should probably expand that section explaining the situation.
the improved text from discussions on site-dev is:
Recent research has revealed weaknesses in SHA-1, and thus in the DSA
and 1024 bit RSA OpenPGP keys which must use this algorithm. Though
no realistic attacks have been made public, experience with similar
weaknesses in MD5 suggests that further advances may well lead
to practical attacks within the next few years. This accords with
current NIST guidance on DSA.
All new RSA keys generated should be at least 4096 bits. Do not
generate new DSA keys.
See discussions on the community list for more information.
opinions? improvements?
- - robert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKguohAAoJEHl6NpRAqILLILQQAN41dKfN09x08CzDRATmv9IP
Q8wFvdaVzMIh/FRKXRVUqIlE75hI8GjiyaOVxt462ruRDFAo45mxpxvXttYP0iVg
kJHDVLgCEtI4kIjM4uDCcJ8hMPewqCU3Mh6qDEIfEJHftWdaGO6agwet204vGQ3n
rUuE+Rf0t6McRufHx7HVT9hiO5wqArj9S65t6jpqh7CwJU2PZQ+ApqyFJxxzsxxR
0gSCzuhG+MYj7QFtx4EcZGyQE7LKKKd7hhgsCAxHQ204DhCQc4+xY+WM/gQ4GZ2c
YLcOA7EeW4oy2aS2DXs4AICfiOW9R9PyeUs+oCcnbDGM/BzZfOBICHB/jnMj5lNM
KpgA8dQZcDqoUGnBtuDQ7658wB2iooGQZw52quxp/36A3sje3Pwq64cLV1UI2fmI
5CK2lJ8Bouky1z39BIq3UZIKBNjHDM7x1RUvRM2/CCe1ZjAPzWHIwWteV45+qCd3
jDbaBQ1bysie19ST7ojYX+zFwLz2kFk3hrbC6xwL0xydFgAQmTdjNTnC5bvZBzCy
/DFRbnIRrDOW7JW1vNenXInuEhva/a0nrdgBRYeTbcQfmvCNM7As+oJI6hv+gGjL
SaRen2akc5vaeg0Igtp+GX1JwOkBvtI/9FLfQ4ezd+MsApu/OpB0R/UGFCIyx3+N
XnFPPTyffNUPwBUDZ/43
=beJj
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Robert Burrell Donkin <rd...@apache.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Robert Burrell Donkin wrote:
> Henri Yandell wrote:
>> Need to update http://www.apache.org/dev/release-signing.html to say
>> 4096 asap I suspect :) Stop new people being lured into this problem.
i've committed something (as a stopgap measure)
> yes but...
>
> key size isn't the direct cause of the problem: SHA-1 is
>
> AIUI the OpenPGP WG assumed that the next generation hash algorithm (and
> so the next OpenPGP revision) would be available before SHA-1 was
> broken. this is now looking very unlikely.
>
> so, new keys need to be generated using the latest tools with specific
> settings (older tools and default settings typically try to force people
> into the OpenPGP defaults for compatibility), and everyone (even those
> with longer keys) need to upgrade their tools and adjust the settings.
>
> we also need to ensure that we're setting up the infrastructure for an
> orderly, measured transition rather than rushing to create a panic.
should probably expand that section explaining the situation. maybe
something like:
"
Recent research has revealed weaknesses in SHA-1, and in the DSA and
1024 bit RSA OpenPGP keys which must use this algorithm. Though these
weaknesses are not yet feasible but - if experience with similar
weaknesses in MD5 can be a guide - further advances may well lead to
practical attackers within the next few years. There is no reason for
owners of these keys to panic but new keys of short length should not be
generated.
All new RSA keys generated should be at least 4096 bits. Do not generate
new DSA keys.
See discussions on the community list for more information.
"
opinions? improvements?
- - robert
- ---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKgsXCAAoJEHl6NpRAqILLRfMQANmiqQ6PIIqxXj2E913/U1py
9pcBZE5veSmXqEu0p7gL/U0QWkbFd8Ogfv2NAlKAZaA39bAyB6U2h3Pi0KSAJkQ4
VtFhjwTdqGYSU+DZW/TCR06W1V8VNWcXRjCujuVE6Zp59DAn2/qYHKwh09D77BRt
M+gYyPHQWf5WqUt1yQlLq56aXIzkwoFccPMEjGvbztwaK7lFYNbx8/LQZclvFTEn
5kinUIHakU8vsz+UT92Cz/kuzBYheO8Ih1zjO1h3PXJfoZyulDgOHj+M1cYNbHrp
een0Y21zAK9NaB1arPargd4yIjGpaI0BVp2nSCvI5MZT3VpJUm025RiYvSjQn3f4
psfG6Y4vS3X/d7FsNszx4uQgtIoP8S1Iq8QFqF0p5zzxW91i3JaLGwq4dNS92to8
DLRb/3Q+90LfANdIjorDYDeybF4DICXUK6bIcAe3ejEhnsIGx41OxKrhIl17UWwl
+ZJuBIZfjQXLpg3DpExnCawo23vB02+Op2anzN1AISlIUtZqGu4EkArZA/i3fy4X
QRNd28/eh/JeozVPjDhhD+K0Uph1154hu8RgTKBs9emLzCsy5h67wtQJVbRrmbI+
zuZ6g6okhQPUtrjQzKlv6WwgdqjxVSAl+uuJdbr+BkDdSI1gJxlUwAfh5a0uHY1B
IJrs7IDy429sbaMylGrJ
=2LWM
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Robert Burrell Donkin <rd...@apache.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Henri Yandell wrote:
> Need to update http://www.apache.org/dev/release-signing.html to say
> 4096 asap I suspect :) Stop new people being lured into this problem.
yes but...
key size isn't the direct cause of the problem: SHA-1 is
AIUI the OpenPGP WG assumed that the next generation hash algorithm (and
so the next OpenPGP revision) would be available before SHA-1 was
broken. this is now looking very unlikely.
so, new keys need to be generated using the latest tools with specific
settings (older tools and default settings typically try to force people
into the OpenPGP defaults for compatibility), and everyone (even those
with longer keys) need to upgrade their tools and adjust the settings.
we also need to ensure that we're setting up the infrastructure for an
orderly, measured transition rather than rushing to create a panic.
- - robert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKgru2AAoJEHl6NpRAqILLf3AP/RPhP1RED+VhnpPrgBacYc/l
CQhVthk5sAru4aFLm/v4FcDab0eqLbnhexq9eKAamkehkW5x+F7qyuwng/RHtN7T
kQkLgjS8LGxfP+nhs11iHzOdtCPVJ5Q1VOaDJ4HbOTnV7H4jhHgAzdB2700LCB4r
/mSk2YG9zfBJXc8kXYD9r/LkHtKlWfdC9evbvlVO8WMionbKwzcq87vD+10dW23Z
ne0lqKDyw/9pCn8HMRt2S5o5E/QynZ+681ONgeNGGU67W5FWW8NPmH20AYLwEFXH
pPPMXHyLMQFZffHenJHMeJJLpEtOwKBL/Fa7ITiOTv7+2jd+EBrghUIa/K9p2VYK
3GcOzvK/tfhR2qV05N1NyScTbHFq6HgpL++r0ijB4thhqrZzXoLrVQRJzO58iXBI
+HHJ6GRdSNN6Dt9eZ58dsnvwONd9x8M0Omsut1azbNfOtO9WrjveBgygLwWE4LgI
iqoxaY4zZmahPPvFag4urdVcl4Lu0T77q0llO94YucIHgHJMITk8dACJey/Fp1SO
xHqMpn2AiMRlbfbOESAbG70yUvRS8QZ7z28E17pSXHMrXrf6vrIG0dhVKSUfIE/A
PQ8qR/t9gi70FDKs+awA5b9D5k3fL2fQGVaq+NTovnHmS5z7jKZJQWpstBsZ2rCo
DqJkyt6lLNfC+B5pB01b
=mL9t
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org
Re: [OpenPGP] Moving Away From DSA and SHA-1
Posted by Henri Yandell <ba...@apache.org>.
Need to update http://www.apache.org/dev/release-signing.html to say
4096 asap I suspect :) Stop new people being lured into this problem.
Hen
On Tue, Aug 11, 2009 at 5:39 AM, Robert Burrell
Donkin<rd...@apache.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> with ApacheConUS only three months away, we really need to start
> planning how apache can move away from short keys (DSA and RSA < 2048)
> and weak WOT links (SHA-1)[1]. the consensus on infra was that this is
> the best list for this discussion. if it happens to get too busy then a
> new list can be created.
>
> the first step needs to be updating the documents so that new release
> managers know how to set up and use GnuPG[2] to generate keys unlikely
> to need changing in the next couple of years. i'll start a thread over
> on site dev to cover this.
>
> the first question for discussion is recommended key length. 2048 is the
> minimum safe size for new keys but only just. for keys used to sign
> releases, 4096 is more credible today. 8192 bit keys are possible with
> GnuPG[3] but are fiddly and - in older tools - support may be patchy.
> going for 4096 would mean a second transition before 2015 but the next
> generation (SHA-3 and next generation of OpenPGP) should be available by
> then.
>
> consensus on infra was to go for 4096 but if anyone knows any good
> reasons to go for some other value, please jump in.
>
> - - robert
>
> [1]
> http://www.jroller.com/robertburrelldonkin/entry/release_distribution_renewing_the_web
> [2] http://www.gnupg.org
> [3] http://www.jroller.com/robertburrelldonkin/entry/gnupg_8192bit_rsa_keys
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQIcBAEBAgAGBQJKgWaEAAoJEHl6NpRAqILLzzQP/RI/ZpkauHrLMzW48lNRsmUc
> h9a4HJ1WXL6eESSbJK9rawPxrAvG/p3rbH3TTixIkwLPz8BQDuG8kxmTHn8LDlGg
> /YLZbDtgFpF3SElGn1MbzldI48DTgw/JXa4opVHi/gvSAoA72+P7td5D12YiA+6R
> Urr6I8hcDOdHRfDsXPHbu5MLh4S//vVgrdOXahLqwzwJK0GCdsjJ88RGJgPXrWfH
> abfzKY3jGUheLtIJUbQiMI2IKA5VrCK+WMXoWxnqnnxL6JDQUGXfpai5dxoRy22D
> wcv6UN+FIUF8OCBymYRXMcngwczYDkYkUyrVEjOSlnmtC4rHKq/wZGtn3VJGSCEf
> hLoSC+aZ+HLHxK5pA0ZxRs4IFhMtTijV5ng6VA1aOPW0N1ySIUd7fgAO7QpksCcL
> 84LZMAzstH48Ce2Zzrj8oJ5NLYIR531Mh0C7N/JRkUdPLTXDByvXBTJ9uRXoRw6v
> a1IexoewUxXfAcR2Yi0lVtkL9ZBVWMm/caXpSqLHKxFvQND71dWg+7UsfJR057c3
> CP5bwJIp4dANLOeYa6kj07b+Xu2ZutKBAdZWSH/u3lx1Grh3apq1gbGmdoyKyLyj
> d4px2wyB6oWS5C3ZEdAG8oy9QC1LERgnqTt7kMGMNl5j8E1AAMsPTw7laULss1S1
> itF2Nys9bJZA1dfQTx7B
> =w79Q
> -----END PGP SIGNATURE-----
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: community-unsubscribe@apache.org
> For additional commands, e-mail: community-help@apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscribe@apache.org
For additional commands, e-mail: community-help@apache.org