keybase.io also is a nice new tool for sharing keys... although it's not as good as meeting in public. As for the beer with Emmanuel: Count me in :-)
2014-10-06 17:28 GMT+02:00 sebb <seb...@gmail.com>: > On 6 October 2014 12:26, Stefan Bodewig <bode...@apache.org> wrote: > > On 2014-10-06, sebb wrote: > > > >> On 6 October 2014 08:16, Stefan Bodewig <bode...@apache.org> wrote: > > > >>>> Just a note on the GPG key, it might be a good idea to upgrade to a > >>>> stronger one. 1024 bits keys are discouraged nowadays. > > > >>>> http://www.apache.org/dev/release-signing > > > >>> I know, but leaving behind a key that has accumulated signatures over > >>> more than ten years is hard ... > > > >> I assume that the people who signed your key trust that it is still > yours. > > > >> If you use it to sign your new key, is that not sufficient? > > > > Right, at least in a way. > > > > If I created a new key and signed it with the old one the WOT would > > still be there in a transitive way. But a direct signature conveys more > > trust (in a GnuPG sense of trust) than a transitive one along the graph. > > > > Creating a new key is somewhere down my todo list but I shy away from > > the hassle of asking all people who signed the old key to also sign the > > new one so the new one won't be worth less. > > What I meant was: the people who signed your current key might be > prepared to sign your new key without needing to meet in person and > exchange details. So the effort would be much less than for the first > signing. > > > Stefan > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > > For additional commands, e-mail: dev-h...@commons.apache.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > > -- http://people.apache.org/~britter/ http://www.systemoutprintln.de/ http://twitter.com/BenediktRitter http://github.com/britter
