| 1 |
W dniu czw, 05.07.2018 o godzinie 17∶37 +0200, użytkownik Marc |
| 2 |
Schiffbauer napisał: |
| 3 |
> * Matthias Maier schrieb am 05.07.18 um 15:51 Uhr: |
| 4 |
> > |
| 5 |
> > On Thu, Jul 5, 2018, at 08:36 CDT, Michał Górny <mgorny@g.o> wrote: |
| 6 |
> > |
| 7 |
> > > That said, I'm open to using a different recommendation, e.g. 2 years |
| 8 |
> > > as in riseup [1]. I suppose having the same time for both primary key |
| 9 |
> > > and subkeys would make the spec simpler, and many developers are |
| 10 |
> > > mistaking expiration times (as specified now) anyway. |
| 11 |
> > > |
| 12 |
> > > [1]:https://riseup.net/en/security/message-security/openpgp/best-practices#use-an-expiration-date-less-than-two-years |
| 13 |
> > |
| 14 |
> > Make it at most 2, 3, (or as it has been so far 5) years for both |
| 15 |
> > primary and subkeys. |
| 16 |
> |
| 17 |
> +1 for 5 years or at least 3. |
| 18 |
> |
| 19 |
> Having to renew/edit the key each year seems crazy to me. |
| 20 |
> |
| 21 |
> I have my primary key offline only, so renewing/editing it is a much |
| 22 |
> more time consuming matter than if I had my primary key always with me |
| 23 |
> which I consider a bad idea because you do not need to. |
| 24 |
> |
| 25 |
|
| 26 |
...and you consider it a good idea to keep the primary key untouched for |
| 27 |
5 years? You don't even know if the medium holding it still works. |
| 28 |
|
| 29 |
-- |
| 30 |
Best regards, |
| 31 |
Michał Górny |
Archives