| 1 |
>>>>> On Fri, 6 Jul 2018, Robin H Johnson wrote: |
| 2 |
|
| 3 |
> On Fri, Jul 06, 2018 at 07:43:56AM +0200, Ulrich Mueller wrote: |
| 4 |
>> Still NACK. If expiration is exactly 2 years and renewal must happen |
| 5 |
>> 2 weeks before the expiry date, then it is not possible to keep the |
| 6 |
>> same date. |
| 7 |
>> |
| 8 |
>> Example: The key will expire at 2018-12-31, so it must be renewed at |
| 9 |
>> 2018-12-17 or earlier. This will make it impossible to keep the same |
| 10 |
>> month and day (unless one would reset it to 2019-12-31, which is only |
| 11 |
>> one year though). |
| 12 |
>> |
| 13 |
>> So please, make it something like 2 years + 3 months. |
| 14 |
|
| 15 |
> option a) |
| 16 |
> 2 years + N: |
| 17 |
> 2 weeks <= N <= 3 months. |
| 18 |
|
| 19 |
You don't want the first <= there. If it's 2 years + 2 weeks then devs |
| 20 |
would have only one exact day for renewal of their key. |
| 21 |
|
| 22 |
> option b) |
| 23 |
> Change the wording to be 'at most 2 years' instead of 'exactly 2 years'. |
| 24 |
|
| 25 |
I don't understand. How would this solve the problem? |
| 26 |
|
| 27 |
> Separately: |
| 28 |
> Is two weeks enough time for a new key distribution to users? |
| 29 |
|
| 30 |
Ulrich |
Archives