Key consistency checks
This requirement has been approved by Jonathan Wiltshire <firstname.lastname@example.org> 6 months ago.
Every Debian member needs a GPG key of sufficient strength. In addition, all keys should be certified so we can link them to a real-world identity.
The normal requirements are:
- the key should be type RSA and version 4 or greater
- the key should have the sign, certify and encrypt capabilities (subkeys are encouraged)
- the primary cryptographic material should be at least 4096 bits
- the UIDs should be signed by at least two existing Debian members (1 for DM applications)
- pseudonyms or anonymity are acceptable in certain circumstances
If the key does not meet these requirements, and you would struggle to create one which does, contact Front Desk.
This check will be approved manually by Front Desk as the application progresses.
|OpenPGP fingerprint||2FE2 163F 611C 80BE 2BF5 EE62 48D1 9F46 BC99 C9B7|
|Main key||ok (last updated: 2019-09-27 13:03 UTC)|
|UID Lee Garrett <debian, rocketjump.eu>||
ok, 0 non-DD sigs,
2 DD sigs:
|UID Mark Lee Garrett <lee+gnupg, rocketjump.eu>||
ok, 4 non-DD sigs,
first 10 of 26 DD sigs:
|UID Lee Garrett <lgarrett, rocketjump.eu>||
ok, 3 non-DD sigs,
first 10 of 14 DD sigs:
|2019-09-27 13:06||jmw||req_approve||Requirement approved||yes|
|2019-08-01 14:52||lee||-||I own that domain (I can add any TXT record to prove it). But good point, I'll get some signature on it.||yes|
|2019-07-31 14:47||noodles||-||The UID being used for this application has no signatures on it other than the self sig. Given the generic nature of the domain it's not clear you're the owner or not.||yes|