[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor-browser-spec/master] Bug 14625: Set expiration dates for TBB keys
commit b03656fbbfdb56bae9778c5cea14a13ea92f2b11
Author: Georg Koppen <gk@xxxxxxxxxxxxxx>
Date: Fri Aug 28 10:55:29 2015 +0000
Bug 14625: Set expiration dates for TBB keys
We set an expiry date of 5 years in the future for the certification
key and 2 years for subkeys.
---
processes/KeyGeneration | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/processes/KeyGeneration b/processes/KeyGeneration
index 4c65523..4c62c51 100644
--- a/processes/KeyGeneration
+++ b/processes/KeyGeneration
@@ -9,7 +9,7 @@ Preparations:
3) If not already done prepare the gpg.conf used for that device
(See: https://help.riseup.net/en/security/message-security/openpgp/best-practices
for help)
-4) `exp rt nGNUPGHOME=/path/to/offline/storage/.gnupg`
+4) `export GNUPGHOME=/path/to/offline/storage/.gnupg`
Key Creation Incantations and Instructions
------------------------------------------
@@ -20,7 +20,7 @@ Key Creation Incantations and Instructions
4) Choose "(E) Toggle the encrypt capability"
5) Choose "(Q) Finished"
6) Choose 4096 bit
-7) Choose "0 = key does not expire"
+7) Type "5y"
8) Choose "Tor Browser Developers" as real name
9) Choose "torbrowser@xxxxxxxxxxxxxx" as email address
10) Choose "signing key" as comment
@@ -28,7 +28,7 @@ Key Creation Incantations and Instructions
12) `gpg --edit-key YOURMASTERKEYID`
13) At the gpg> prompt enter: addkey
14) Choose "(4) RSA (sign only)"
-15) Repeat step 6, 7, 13 and 14 as often as needed
+15) Repeat step 6, 7 (with "2y" for subkeys), 13 and 14 as often as needed
16) At the gpg> prompt enter: save
16) Check whether the keys look good, e.g. with
`hkt export-pubkeys YOURMASTERKEYID | hokey lint`
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits