>> This doesn't suggest them being updated, we could remove them and use >> the *.parabolagnulinux.org certificates. > > no, i just renewed the keys i mentioned
Ok, I've changed it to use the wildcard certificate. >> We could have one key pair at once on both servers, renew the public key >> once per six months and replace the private key once or twice per year. >> Having more than one key per server leads to forgotten keys like the >> mail one. Two separate keys one for each server will have overlapping >> names, so they shouldn't be more secure than one key for both. > > why would it be necessary to change keys? for security problems? I don't remember where I have read that it's useful for security. It's not harder to replace both keys from user's usability point of view.
pgpj7CVInmuAS.pgp
Description: PGP signature
_______________________________________________ Dev mailing list [email protected] https://lists.parabolagnulinux.org/mailman/listinfo/dev
