Archives
Archives
| From: | Matthias Maier <tamiko@g.o> | ||
|---|---|---|---|
| To: | gentoo-dev@l.g.o | ||
| Subject: | Re: [gentoo-dev] [PATCH v2 09/11] glep-0063: Make recommended expiration terms mandatory | ||
| Date: | Thu, 05 Jul 2018 13:51:24 | ||
| Message-Id: | 87muv5bxkp.fsf@gentoo.org | ||
| In Reply to: | Re: [gentoo-dev] [PATCH v2 09/11] glep-0063: Make recommended expiration terms mandatory by "Michał Górny" |
||
| 1 | On Thu, Jul 5, 2018, at 08:36 CDT, Michał Górny <mgorny@g.o> wrote: |
| 2 | |
| 3 | > That said, I'm open to using a different recommendation, e.g. 2 years |
| 4 | > as in riseup [1]. I suppose having the same time for both primary key |
| 5 | > and subkeys would make the spec simpler, and many developers are |
| 6 | > mistaking expiration times (as specified now) anyway. |
| 7 | > |
| 8 | > [1]:https://riseup.net/en/security/message-security/openpgp/best-practices#use-an-expiration-date-less-than-two-years |
| 9 | |
| 10 | Make it at most 2, 3, (or as it has been so far 5) years for both |
| 11 | primary and subkeys. |
| 12 | |
| 13 | Best, |
| 14 | Matthias |
| File name | MIME type |
|---|---|
| signature.asc | application/pgp-signature |
| Subject | Author |
|---|---|
| Re: [gentoo-dev] [PATCH v2 09/11] glep-0063: Make recommended expiration terms mandatory | Marc Schiffbauer <mschiff@g.o> |