On 01/04/2021 15:59, Sara Golemon wrote:
> On Thu, Apr 1, 2021 at 9:21 AM Bishop Bettini <bis...@php.net> wrote:
>> I also added a FAQ.
>
> I disagree with the position this document takes on immortal keys. We
> should encourage best practices with the knowledge that some people
> will weaken their security with an immortal key, not start from a weak
> position and suggest that adhering to best practices is "paranoid".
I've been looking around, and most of what I can find says that expiring
a primary key which you use directly for signing has very little value,
because anyone who has the private key and passphrase can change the
expiry date at any time. See for example:
https://security.stackexchange.com/q/14718/51961
The main use case seems to be when using sub-keys, where the primary key
(with no expiry) is kept offline, and new sub-keys are generated from it
regularly (e.g. once a year) with an appropriate expiry date.
This is based only on a few hours of searching online, however, so I'd
be happy to see a better explanation of how to use expiry effectively.
Regards,
--
Rowan Tommins
[IMSoP]
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php