1 |
>>>>> On Fri, 6 Jul 2018, Robin H Johnson wrote: |
2 |
|
3 |
> On Fri, Jul 06, 2018 at 07:43:56AM +0200, Ulrich Mueller wrote: |
4 |
>> Still NACK. If expiration is exactly 2 years and renewal must happen |
5 |
>> 2 weeks before the expiry date, then it is not possible to keep the |
6 |
>> same date. |
7 |
>> |
8 |
>> Example: The key will expire at 2018-12-31, so it must be renewed at |
9 |
>> 2018-12-17 or earlier. This will make it impossible to keep the same |
10 |
>> month and day (unless one would reset it to 2019-12-31, which is only |
11 |
>> one year though). |
12 |
>> |
13 |
>> So please, make it something like 2 years + 3 months. |
14 |
|
15 |
> option a) |
16 |
> 2 years + N: |
17 |
> 2 weeks <= N <= 3 months. |
18 |
|
19 |
You don't want the first <= there. If it's 2 years + 2 weeks then devs |
20 |
would have only one exact day for renewal of their key. |
21 |
|
22 |
> option b) |
23 |
> Change the wording to be 'at most 2 years' instead of 'exactly 2 years'. |
24 |
|
25 |
I don't understand. How would this solve the problem? |
26 |
|
27 |
> Separately: |
28 |
> Is two weeks enough time for a new key distribution to users? |
29 |
|
30 |
Ulrich |