new blog post: GPG key transition
authorStefano Zacchiroli <zack@upsilon.cc>
Fri, 1 Oct 2010 10:01:43 +0000 (12:01 +0200)
committerStefano Zacchiroli <zack@upsilon.cc>
Fri, 1 Oct 2010 10:12:07 +0000 (12:12 +0200)
blog/archives/2010/10.mdwn [new file with mode: 0644]
blog/posts/2010/10.mdwn [new file with mode: 0644]
blog/posts/2010/10/new_GPG_key_6D866396.mdwn [new file with mode: 0644]
tags/gpg.mdwn [new file with mode: 0644]

diff --git a/blog/archives/2010/10.mdwn b/blog/archives/2010/10.mdwn
new file mode 100644 (file)
index 0000000..1bc7cef
--- /dev/null
@@ -0,0 +1 @@
+[[!template id=archive_month year="2010" month="10"]]
diff --git a/blog/posts/2010/10.mdwn b/blog/posts/2010/10.mdwn
new file mode 100644 (file)
index 0000000..4ffc7a0
--- /dev/null
@@ -0,0 +1 @@
+[[!meta redir=archives/2010/10]]
diff --git a/blog/posts/2010/10/new_GPG_key_6D866396.mdwn b/blog/posts/2010/10/new_GPG_key_6D866396.mdwn
new file mode 100644 (file)
index 0000000..ed66f26
--- /dev/null
@@ -0,0 +1,29 @@
+# so long and thanks for all the fish, dear old F2C423BC
+
+It was about time. Last
+[bits from keyring-maint](http://lists.debian.org/debian-devel-announce/2010/09/msg00003.html)
+finally convinced me to move away from my old 1024 DSA to a
+[[**new 4096 RSA GPG key**|6D866396.asc]]. I know
+[it's bloated](http://xkcd.com/538/), but given that I expect the life time of
+the new (master) key to be ≥ 10 years, I saw no reason to switch to any weaker
+key.
+
+I'm lucky enough to live in a DD-crowded area and I've henceforth already
+collected some signatures ... but I need waaaay more signatures before even
+daring to think about asking for a replacement in the Debian keyring. So ....
+
+... **here's my [[transition document|key-transition.2010.txt]]**
+<small>(shamelessly inspired from [Russ](http://www.eyrie.org/~eagle/)'
+excellent text)</small>. If you have signed my old key, you should have a
+fairly straightforward trust path to my new key. If that is compatible with
+your signing policy, **please sign [[my new key|6D866396.asc]]**.
+
+Having been there, here are a couple of excellent **recommended readings** for
+doing the transition yourself:
+
+* [key creation guide](http://keyring.debian.org/creating-key.html) - by
+  [Ana](http://ekaia.org/blog) via keyring maint
+* [migration howto](http://www.debian-administration.org/users/dkg/weblog/48) -
+  by [Daniel](http://debian-administration.org/users/dkg/weblog)
+
+[[!tag lang/english planet-debian debian gpg]]
diff --git a/tags/gpg.mdwn b/tags/gpg.mdwn
new file mode 100644 (file)
index 0000000..c594b70
--- /dev/null
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged gpg"]]
+
+[[!inline pages="tagged(gpg)" actions="no" archive="yes"
+feedshow=10]]