Policy For Sunsetting GPG Keys < 2048 Bits
marc.deslauriers at canonical.com
Thu Nov 27 16:55:03 UTC 2014
On 2014-11-26 07:05 PM, Kees Cook wrote:
> I think we should have the same policy for PPAs, and it should follow the
> same timeline. Additionally, we should have LP reject uploading weak keys,
> which could happens early in the transition timeline.
The good news is newly created PPAs now use 4096 RSA keys:
The bad news is I don't believe there's currently a way to transition existing
PPAs to a new key.
More information about the technical-board