commit: 3232aa12738915cfecf3663672ea59b90a79772b Author: Mike Gilbert <floppym <AT> gentoo <DOT> org> AuthorDate: Thu Dec 17 17:43:40 2020 +0000 Commit: Ulrich Müller <ulm <AT> gentoo <DOT> org> CommitDate: Mon Jan 4 07:11:18 2021 +0000 URL: https://gitweb.gentoo.org/data/glep.git/commit/?id=3232aa12
glep-0063: Add section about the Gentoo keyserver Closes: https://bugs.gentoo.org/760923 Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org> Signed-off-by: Ulrich Müller <ulm <AT> gentoo.org> glep-0063.rst | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/glep-0063.rst b/glep-0063.rst index 82541bd..80ca81d 100644 --- a/glep-0063.rst +++ b/glep-0063.rst @@ -7,10 +7,10 @@ Author: Robin H. Johnson <[email protected]>, Michał Górny <[email protected]> Type: Standards Track Status: Final -Version: 2.1 +Version: 2.2 Created: 2013-02-18 -Last-Modified: 2019-11-07 -Post-History: 2013-11-10, 2018-07-03, 2018-07-21, 2019-02-24 +Last-Modified: 2020-12-17 +Post-History: 2013-11-10, 2018-07-03, 2018-07-21, 2019-02-24, 2020-12-17 Content-Type: text/x-rst --- @@ -28,6 +28,9 @@ OpenPGP key management policies for the Gentoo Linux distribution. Changes ======= +v2.2 + Added information about the Gentoo keyserver. + v2.1 A requirement for an encryption key has been added, in order to extend the GLEP beyond commit signing and into use of OpenPGP for dev-to-dev @@ -114,7 +117,7 @@ Keys that do not conform to them can not be used to commit. 6. UID using your ``@gentoo.org`` e-mail included in the key. -7. Upload your key to the SKS keyserver rotation before usage! +7. Keys must be uploaded to the Gentoo keyserver. Recommendations --------------- @@ -135,8 +138,13 @@ their primary key). 5. Encrypted backup of your secret keys. +6. Upload to SKS or another public keyserver pool. + +Gentoo Infrastructure +===================== + Gentoo LDAP -=========== +----------- All Gentoo developers must list the complete fingerprint for their primary keys in the "``gpgfingerprint``" LDAP field. It must be exactly 40 hex digits, @@ -147,6 +155,14 @@ of the fingerprint field. In any place that presently displays the "``gpgkey``" field, the last 16 hex digits of the fingerprint should be displayed instead. +Gentoo Keyserver +---------------- + +Gentoo infrastructure uses a keyserver that is isolated from the SKS pool. +This keyserver is restricted to accepting uploads from authorized Gentoo hosts. +Instructions for uploading keys to this server may be found at +https://keys.gentoo.org/. + Backwards Compatibility ======================= @@ -212,6 +228,6 @@ Copyright Copyright (c) 2013-2019 by Robin Hugh Johnson, Andreas K. Hüttel, Marissa Fischer, Michał Górny. -This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 -Unported License. To view a copy of this license, visit -https://creativecommons.org/licenses/by-sa/3.0/. +This work is licensed under the Creative Commons Attribution-ShareAlike 4.0 +International License. To view a copy of this license, visit +https://creativecommons.org/licenses/by-sa/4.0/.
