Hi all, I've been asked a couple of times in IRC and other mediums, about what GPG key settings etc to use. I would not not call these final yet, but should be fairly close to final.
This was originally intended to be part of the tree-signing GLEP series, but was in one of the unpublished ones (GLEPxx+3 in the references). I guess if there are no major objections to the below, I'll finalize them into the GLEP. This will replace the conflicting information in: http://devmanual.gentoo.org/general-concepts/manifest/index.html http://www.gentoo.org/doc/en/gnupg-user.xml The following is based on: - NIST SP 800-57 recommendations - Debian GPG documentation - RiseUp.net OpenPGP best practices. Bare minimum requirements: -------------------------- 1. SHA2-series output digest (SHA1 digests internally permitted). "personal-digest-preferences SHA256" 2. root key & signing subkey of EITHER: 2.1. DSA, 1024 or 2048 bits 2.2. RSA, >=2048 bits 3. Key expiry: 5 years. Recommendations: ---------------- 1. SHA2-series digest on output & certifications: "personal-digest-preferences SHA256" "cert-digest-algo SHA256" 2. Root key type of RSA, 4096 bits 2.1. This may require creating an entirely new key. 3. Dedicated Gentoo signing subkey of EITHER: 3.1. DSA 2048 bits 3.2. RSA 4096 bits 4. Key expiry: 4.1. Root key: 3 year max. 4.2. Gentoo subkey: 1 year max. 5. Create a revocation certificate & store it hardcopy offsite securely (it's about ~300 bytes). 6. Encrypted backup of your secret keys. 7. In your gpg.conf: # include an unambiguous indicator of which key made a signature: # (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234) sig-notation issuer-...@notations.openpgp.fifthhorseman.net=%g Notes/FAQ: ---------- 1. "Ok, so how do I follow this?" http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/ http://keyring.debian.org/creating-key.html 2. "How can I be really sure/paranoid enough?" https://we.riseup.net/riseuplabs+paow/openpgp-best-practices 3. Every 3-6 months, and/or before key expiry and major keysigning events, you should update your key expiry date with the 'expire' command (remember to do all subkeys). Put it on your calendar! 4. If you intend to sign on a slow alternative-arch, you may find adding a DSA1024 subkey significantly speeds up the signing. 5. Can you give me a full ~/.gnupg/gpg.conf file? === # -- robbat2's recommendations: keyserver pool.sks-keyservers.net emit-version default-recipient-self # -- All of the below portion from the RiseUp.net OpenPGP best practices, and # -- many of them are also in the Debian GPG documentation. # when outputting certificates, view user IDs distinctly from keys: fixed-list-mode # long keyids are more collision-resistant than short keyids (it's trivial to make a key with any desired short keyid) keyid-format 0xlong # when multiple digests are supported by all recipients, choose the strongest one: personal-digest-preferences SHA512 SHA384 SHA256 SHA224 # preferences chosen for new keys should prioritize stronger algorithms: default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed # If you use a graphical environment (and even if you don't) you should be using an agent: # (similar arguments as https://www.debian-administration.org/users/dkg/weblog/64) use-agent # You should always know at a glance which User IDs gpg thinks are legitimately bound to the keys in your keyring: verify-options show-uid-validity list-options show-uid-validity # include an unambiguous indicator of which key made a signature: # (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234) sig-notation issuer-...@notations.openpgp.fifthhorseman.net=%g # when making an OpenPGP certification, use a stronger digest than the default SHA1: cert-digest-algo SHA256 === -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee & Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
