Policy For Sunsetting GPG Keys < 2048 Bits
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Nov 27 16:55:03 UTC 2014
On 2014-11-26 07:05 PM, Kees Cook wrote:
> I think we should have the same policy for PPAs, and it should follow the
> same timeline. Additionally, we should have LP reject uploading weak keys,
> which could happens early in the transition timeline.
The good news is newly created PPAs now use 4096 RSA keys:
https://bugs.launchpad.net/launchpad/+bug/1240681
http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/16960
The bad news is I don't believe there's currently a way to transition existing
PPAs to a new key.
Marc.
More information about the technical-board
mailing list