Hi Adam, On Thu, 09 Mar 2023 17:05:28 +0000, Adam wrote: > ftp-master have now published their bookworm keys, so we can get those > incorporated. For the SRM side, you probably saw that we've been > considering moving to an EC key. From the very limited responses to the > discussion I started on debian-release, I'm still not entirely sure if > that's feasible / a good idea.
Does the signing method update have to be one-method-for-another, or is there is a way to phase-in a new method before phasing-out the old? (my question is inspired by a recent talk by djb and Tanje Lange that discusses[1] an encryption migration at Google that involved use of two algorithms in parallel. I realize that we're talking about integrity signing rather than confidentiality, and it's also possible that I'm creating a time-wasting distraction here, so.. take with a grain of salt) Thanks, James [1] - https://media.ccc.de/v/fire-shonks-2022-49246-post-quantum-cryptography-detours-delays-and-disasters#t=500
