W dniu pią, 06.07.2018 o godzinie 16∶21 +0200, użytkownik Marc
Schiffbauer napisał:
> * Kristian Fiskerstrand schrieb am 06.07.18 um 13:00 Uhr:
> > On 07/05/2018 05:37 PM, Marc Schiffbauer wrote:
> > > I have my primary key offline only, so renewing/editing it is a much
> > > more time consuming m
* Kristian Fiskerstrand schrieb am 06.07.18 um 13:00 Uhr:
> On 07/05/2018 05:37 PM, Marc Schiffbauer wrote:
> > I have my primary key offline only, so renewing/editing it is a much
> > more time consuming matter than if I had my primary key always with me
> > which I consider a bad idea because y
On 06-07-2018 13:34:21 +0200, Ulrich Mueller wrote:
> - Make creation of a revocation certificate (and storing it in a place
> separate from the key) mandatory.
What does this really achieve? Or require? Am I supposed to buy or
hire a vault now? -- I'm assuming the word "safe" is missing fro
On 07/06/2018 01:34 PM, Ulrich Mueller wrote:
> Note that the revocation certificate is still listed under
> recommendations only, so devs need not create one. Making this a
> requirement would be a real improvement, IMHO.
From a Gentoo perspective, we can "revoke" it by deleting it from LDAP
and
W dniu pią, 06.07.2018 o godzinie 13∶34 +0200, użytkownik Ulrich Mueller
napisał:
> > > > > > On Fri, 6 Jul 2018, Marc Schiffbauer wrote:
> > * Michał Górny schrieb am 06.07.18 um 11:33 Uhr:
> > > If you don't see it for 5 years, how can you be sure that it is
> > > even still there?
> > Are you se
> On Fri, 6 Jul 2018, Marc Schiffbauer wrote:
> * Michał Górny schrieb am 06.07.18 um 11:33 Uhr:
>> If you don't see it for 5 years, how can you be sure that it is
>> even still there?
> Are you serious? Who tells you that I do not check from time to
> time?
> I am sure there will always be
On 07/05/2018 05:37 PM, Marc Schiffbauer wrote:
> I have my primary key offline only, so renewing/editing it is a much
> more time consuming matter than if I had my primary key always with me
> which I consider a bad idea because you do not need to.
But is it sufficiently time-consuming / diffic
* Michał Górny schrieb am 06.07.18 um 11:33 Uhr:
> W dniu pią, 06.07.2018 o godzinie 11∶08 +0200, użytkownik Marc
> Schiffbauer napisał:
> > * Michał Górny schrieb am 05.07.18 um 20:25 Uhr:
> > > W dniu czw, 05.07.2018 o godzinie 17∶37 +0200, użytkownik Marc
> > > Schiffbauer napisał:
> > > > +1 fo
W dniu pią, 06.07.2018 o godzinie 11∶08 +0200, użytkownik Marc
Schiffbauer napisał:
> * Michał Górny schrieb am 05.07.18 um 20:25 Uhr:
> > W dniu czw, 05.07.2018 o godzinie 17∶37 +0200, użytkownik Marc
> > Schiffbauer napisał:
> > > +1 for 5 years or at least 3.
> > >
> > > Having to renew/edit th
* Michał Górny schrieb am 05.07.18 um 20:25 Uhr:
> W dniu czw, 05.07.2018 o godzinie 17∶37 +0200, użytkownik Marc
> Schiffbauer napisał:
> > +1 for 5 years or at least 3.
> >
> > Having to renew/edit the key each year seems crazy to me.
> >
> > I have my primary key offline only, so renewing/edit
On Thu, Jul 5, 2018, at 08:36 CDT, Michał Górny wrote:
> I don't really know the original rationale for this.
>
> The NIST standard says 1-3 years. If I were to guess, I'd say 1 year
> was chosen for subkey because subkey expiring is a 'smaller' issue than
> the whole key expiring, i.e. other
W dniu czw, 05.07.2018 o godzinie 13∶24 -0500, użytkownik William Hubbs
napisał:
> On Thu, Jul 05, 2018 at 03:36:09PM +0200, Michał Górny wrote:
> > W dniu śro, 04.07.2018 o godzinie 18∶48 -0400, użytkownik Joshua Kinard
> > napisał:
> > > On 7/4/2018 5:24 PM, Michał Górny wrote:
> > > > W dniu śro
W dniu czw, 05.07.2018 o godzinie 17∶37 +0200, użytkownik Marc
Schiffbauer napisał:
> * Matthias Maier schrieb am 05.07.18 um 15:51 Uhr:
> >
> > On Thu, Jul 5, 2018, at 08:36 CDT, Michał Górny wrote:
> >
> > > That said, I'm open to using a different recommendation, e.g. 2 years
> > > as in ris
On Thu, Jul 05, 2018 at 03:36:09PM +0200, Michał Górny wrote:
> W dniu śro, 04.07.2018 o godzinie 18∶48 -0400, użytkownik Joshua Kinard
> napisał:
> > On 7/4/2018 5:24 PM, Michał Górny wrote:
> > > W dniu śro, 04.07.2018 o godzinie 23∶05 +0200, użytkownik Ulrich Mueller
> > > napisał:
> > > > > > >
* Matthias Maier schrieb am 05.07.18 um 15:51 Uhr:
>
> On Thu, Jul 5, 2018, at 08:36 CDT, Michał Górny wrote:
>
> > That said, I'm open to using a different recommendation, e.g. 2 years
> > as in riseup [1]. I suppose having the same time for both primary key
> > and subkeys would make the spe
On Thu, Jul 5, 2018, at 08:36 CDT, Michał Górny wrote:
> That said, I'm open to using a different recommendation, e.g. 2 years
> as in riseup [1]. I suppose having the same time for both primary key
> and subkeys would make the spec simpler, and many developers are
> mistaking expiration times
W dniu śro, 04.07.2018 o godzinie 18∶48 -0400, użytkownik Joshua Kinard
napisał:
> On 7/4/2018 5:24 PM, Michał Górny wrote:
> > W dniu śro, 04.07.2018 o godzinie 23∶05 +0200, użytkownik Ulrich Mueller
> > napisał:
> > > > > > > > On Wed, 4 Jul 2018, Michał Górny wrote:
> > > >
> > > > -3. Key expi
On 7/4/2018 5:24 PM, Michał Górny wrote:
> W dniu śro, 04.07.2018 o godzinie 23∶05 +0200, użytkownik Ulrich Mueller
> napisał:
>>> On Wed, 4 Jul 2018, Michał Górny wrote:
>>> -3. Key expiry: 5 years maximum
>>> +3. Key expiration:
>>> +
>>> + a. Primary key: 3 years maximum
>>> +
>>> + b. G
W dniu śro, 04.07.2018 o godzinie 23∶05 +0200, użytkownik Ulrich Mueller
napisał:
> > > > > > On Wed, 4 Jul 2018, Michał Górny wrote:
> > -3. Key expiry: 5 years maximum
> > +3. Key expiration:
> > +
> > + a. Primary key: 3 years maximum
> > +
> > + b. Gentoo subkey: 1 year maximum
>
> What pr
> On Wed, 4 Jul 2018, Michał Górny wrote:
> -3. Key expiry: 5 years maximum
> +3. Key expiration:
> +
> + a. Primary key: 3 years maximum
> +
> + b. Gentoo subkey: 1 year maximum
What problem are you trying to solve here?
Ulrich
pgpfeO7ifif_W.pgp
Description: PGP signature
Given that the key expiration can be updated in place, there is
no reason to provide separate 'minimal' and 'recommended' values.
---
glep-0063.rst | 19 ++-
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/glep-0063.rst b/glep-0063.rst
index e81c862..7455674 100644
-
21 matches
Mail list logo