On Thu, Jul 5, 2018, at 08:36 CDT, Michał Górny <mgo...@gentoo.org> wrote:
> That said, I'm open to using a different recommendation, e.g. 2 years > as in riseup [1]. I suppose having the same time for both primary key > and subkeys would make the spec simpler, and many developers are > mistaking expiration times (as specified now) anyway. > > [1]:https://riseup.net/en/security/message-security/openpgp/best-practices#use-an-expiration-date-less-than-two-years Make it at most 2, 3, (or as it has been so far 5) years for both primary and subkeys. Best, Matthias
signature.asc
Description: PGP signature
