[Merge] lp:~xnox/ubuntu-archive-publishing/gnupg2 into lp:ubuntu-archive-publishing
Steve Langasek
steve.langasek at canonical.com
Sun Nov 6 16:03:45 UTC 2016
On Fri, Nov 04, 2016 at 09:23:37PM -0000, Adam Conrad wrote:
> We're trusting the 1024 key regardless of what we use to sign. If we sign
> with the 4096, someone can still MITM using a compromised 1024 key.
That's not an argument for continuing to sign with the 1024 key where we
know the 4096 key will work, though.
> If we're concerned about that, we should SRU a violent change to
> everything >= trusty to stop trusting the 1024 key. That could cause
> issues for people behind the curve trying to upgrade through old-releases
> though.
We should prefer *not* having to SRU a violent change, which means we
*should* take these small steps towards deprecating the 1024 key where
possible.
> I suspect this was done just to keep the diff low and reviewable, but I
> agree a second MP to change all the keys to long IDs would be sane (though
> collision attacks on pepo are not actually an issue).
Right, but I want consistency here - all references to a given key should
either be short id or long id, not a mix of both.
--
https://code.launchpad.net/~xnox/ubuntu-archive-publishing/gnupg2/+merge/307171
Your team Ubuntu Package Archive Administrators is subscribed to branch lp:ubuntu-archive-publishing.
More information about the ubuntu-archive
mailing list