W dniu czw, 05.07.2018 o godzinie 17∶37 +0200, użytkownik Marc Schiffbauer napisał: > * Matthias Maier schrieb am 05.07.18 um 15:51 Uhr: > > > > On Thu, Jul 5, 2018, at 08:36 CDT, Michał Górny <mgo...@gentoo.org> wrote: > > > > > That said, I'm open to using a different recommendation, e.g. 2 years > > > as in riseup [1]. I suppose having the same time for both primary key > > > and subkeys would make the spec simpler, and many developers are > > > mistaking expiration times (as specified now) anyway. > > > > > > [1]:https://riseup.net/en/security/message-security/openpgp/best-practices#use-an-expiration-date-less-than-two-years > > > > Make it at most 2, 3, (or as it has been so far 5) years for both > > primary and subkeys. > > +1 for 5 years or at least 3. > > Having to renew/edit the key each year seems crazy to me. > > I have my primary key offline only, so renewing/editing it is a much > more time consuming matter than if I had my primary key always with me > which I consider a bad idea because you do not need to. >
...and you consider it a good idea to keep the primary key untouched for 5 years? You don't even know if the medium holding it still works. -- Best regards, Michał Górny
signature.asc
Description: This is a digitally signed message part
