1 |
On Thu, Jul 05, 2018 at 03:36:09PM +0200, Michał Górny wrote: |
2 |
> W dniu śro, 04.07.2018 o godzinie 18∶48 -0400, użytkownik Joshua Kinard |
3 |
> napisał: |
4 |
> > On 7/4/2018 5:24 PM, Michał Górny wrote: |
5 |
> > > W dniu śro, 04.07.2018 o godzinie 23∶05 +0200, użytkownik Ulrich Mueller |
6 |
> > > napisał: |
7 |
> > > > > > > > > On Wed, 4 Jul 2018, Michał Górny wrote: |
8 |
> > > > > |
9 |
> > > > > -3. Key expiry: 5 years maximum |
10 |
> > > > > +3. Key expiration: |
11 |
> > > > > + |
12 |
> > > > > + a. Primary key: 3 years maximum |
13 |
> > > > > + |
14 |
> > > > > + b. Gentoo subkey: 1 year maximum |
15 |
> > > > |
16 |
> > > > What problem are you trying to solve here? |
17 |
> > > > |
18 |
> > > |
19 |
> > > The problem of having unjustified double standards. |
20 |
> > |
21 |
> > IMHO, one year for a signing subkey is too short. I see no problem with three |
22 |
> > years like the primary key. Especially since people will typically just change |
23 |
> > the expiration and advance it the minimum number of years, lather, rinse, and |
24 |
> > repeat. It's a solution looking for a problem. |
25 |
> > |
26 |
> |
27 |
> I don't really know the original rationale for this. |
28 |
> |
29 |
> The NIST standard says 1-3 years. If I were to guess, I'd say 1 year |
30 |
> was chosen for subkey because subkey expiring is a 'smaller' issue than |
31 |
> the whole key expiring, i.e. other users see the primary key as being |
32 |
> still valid. |
33 |
> |
34 |
> I suppose the advantage of having disjoint expiration times is that if |
35 |
> you forget about it, you'd learn the hard way that you need to renew it |
36 |
> before the primary key expired. |
37 |
> |
38 |
> That said, I'm open to using a different recommendation, e.g. 2 years |
39 |
> as in riseup [1]. I suppose having the same time for both primary key |
40 |
> and subkeys would make the spec simpler, and many developers are |
41 |
> mistaking expiration times (as specified now) anyway. |
42 |
> |
43 |
> [1]:https://riseup.net/en/security/message-security/openpgp/best-practices#use-an-expiration-date-less-than-two-years |
44 |
|
45 |
Can you link the nist standard? I'm curious about it because their |
46 |
password standards are quite different.They no longer recommend forcing |
47 |
password changes unless there is a breach. |
48 |
|
49 |
Thanks, |
50 |
|
51 |
William |