Patch sent for review:
No replies for over a month. I would like to request the Council to vote on approving this update.
This was approved in the April meeting with 5 yes votes and 1 abstention. Since the log has not been uploaded yet (sigh!), here's the relevant quote:
[21:51:49] <WilliamH> Ok, vote on whether or not to update glep 63 to require encryption subkey and mrecommend that primary key be for certification only:
[21:51:56] <WilliamH> recommend *
[21:52:06] -*- Whissi yes
[21:52:07] -*- dilfridge yes
[21:52:08] -*- K_F yes
[21:52:21] -*- leio yes
[21:52:34] -*- WilliamH abstain
[21:52:39] -*- ulm yes
[21:52:47] <WilliamH> The motion carries
(In reply to Michał Górny from comment #1)
> Since the log has not been uploaded yet (sigh!), [...]
But the log has been committed (and pushed) already on 2019-04-21:
Author: William Hubbs <firstname.lastname@example.org>
Date: Sun Apr 21 12:56:22 2019 -0500
Add log for 2019-04-14 meeting
Signed-off-by: William Hubbs <email@example.com>
The bug has been closed via the following commit(s):
Author: Michał Górny <firstname.lastname@example.org>
AuthorDate: 2019-02-24 09:18:13 +0000
Commit: Michał Górny <email@example.com>
CommitDate: 2019-05-02 05:42:48 +0000
glep-0063: Require encryption subkey, and make primary certify-only
Following the recent mailing list discussion indicating that developers
are taking GLEP 63 as only source of truth about OpenPGP keys, and can
make assumption that if encryption key is not listed there they should
not have one. Amend the specification to extend it beyond the previous
limited scope of commit signing, and require an encryption key
appropriately. This matches the GnuPG defaults.
While at it, add a recommendation that the primary key is certify-only.
Other usage is implicitly discouraged anyway via requiring subkeys.
Originally this recommendation was omitted as I wasn't aware that gpg
had a (hidden) option to change usage of existing keys.
Signed-off-by: Michał Górny <firstname.lastname@example.org>
glep-0063.rst | 43 +++++++++++++++++++++++++++++--------------
1 file changed, 29 insertions(+), 14 deletions(-)