Policy For Sunsetting GPG Keys < 2048 Bits

Mark Shuttleworth mark at ubuntu.com
Thu Nov 27 09:01:20 UTC 2014

On 27/11/14 00:05, Kees Cook wrote:
> I think we should have the same policy for PPAs, and it should follow the
> same timeline. Additionally, we should have LP reject uploading weak keys,
> which could happens early in the transition timeline.
> (Seems like we should ditch DSA keys entirely, and all RSA less than 2048.)

Are any of the ECC algorithms widely trusted yet? Seem nice and
efficient with SSH at least.


More information about the Ubuntu-release mailing list