Please remove MacGPG from gnupg.org due to serious security concerns
Jonathan Schleifer
js-gnupg-users at webkeks.org
Thu Feb 19 20:29:43 CET 2015
Am 19.02.2015 um 20:08 schrieb Werner Koch <wk at gnupg.org>:
> Because I have to enter the PIN everytime (right, I do this on purpose),
> the RSA signatures a long, and I do not keep my signing key card
> inserted all the time. In fact I have to walk out of the office to pick
> it up.
Another approach is to not sign them when working on it and only signing them before pushing using git rebase. I do agree that it's sometimes annoying to always plug it in and out again.
> ps. Here is the key I started to use for commits.
>
> pub ed25519/E3FDFF218E45B72B 2015-02-18 [expires: 2025-02-15]
> Key fingerprint = C1D3 4B69 219E 4AEE C0BA 1C21 E3FD FF21 8E45 B72B
> uid [ unknown] Werner Koch (wheatstone commit signing)
+1 for choosing Ed25519! (I did the same because I didn't want commits to be huge).
As most keyservers still don't support Ed25519 keys, I guess it's worth pointing out that you can get the key with --keyserver keyserver.mattrude.com.
Btw, does this mean that basically Ed25519 keys are stable enough now and won't change anymore?
--
Jonathan
More information about the Gnupg-users
mailing list