-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hi Werner,
> Given that the default for smartcards is to store the backup on disk and > ask the user to move it to a safer place, we might as well do something > similar for revocation certificates. Comments? my vote: yes. Non-intrusive information about what next steps should be. When creating a key using Enigmail, it asks the user to save a rev cert. CLI should do the same. > Regarding a default expiration date: It may be useful if GUIs would do this > (as long as they also offer an option to prolong the expiration). Personally, I used to use expiration dates but found it unconvenient. On newer keys, I rather make sure a have a rev cert in a safe place and set no expiry. But that's a personal preference. And yes, a user really should do one or the other at least. Concerning expiration I vote to set to 3 years at least, but there are different scenarios that have requirements: private messaging, company keys, ... Olav - -- The Enigmail Project - OpenPGP Email Security For Mozilla Applications -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (MingW32) Comment: Dies ist eine elektronische Signatur - http://www.enigmail.net/ iQGcBAEBAwAGBQJRLKBEAAoJEKGX32tq4e9WIyQMAJ6tN9/xtYSsZMbn+5m/N6yD e/HGd4uBHwJRGwTCqMOowIDqAOoXJAyKQ5VqwMXZoaDblC3HLp9kSHfEgxGPjQPR aVorAzs9AmRDUv7hfyzdtktIKT5fLJANfM/tJzHO3yBQHkfvQdHf3Q5wCyM4Px3H i6MYyYFPNWeGGdDT4DvdFuQVfyWSrVq/UFK5l7WyBxqnfr6jpljTe7So04QdHExS rhaTdBIzfba66U7MYu8zsNtSRdjQT55HSmmwFuPKm9dYrG+6vTa5PWUajFyXo2dq NDnUUonNDZUJde8prUJVJvGzW89eSS9CpgAB2ZpFgsHLv4gmHYX64IOAcPkAtRls XAmbJDFKCn7CwGmFpwOcTq0df5wjHewLepGkdk3URShlikHJeYx/SiS78ToUUmfp 0bWonjDT2k0qpUDrFBtEwchrUh6z5jy4BgVHA+Z4m684+cgtBS61H8qCk0ZRwsz9 r42hIUTxUCwQPi01aLnBM7my0pCIWq+j/3vFaMJu3w== =5TNP -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
