diff options
author | Michał Górny <mgorny@gentoo.org> | 2018-07-04 12:11:18 +0200 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2018-07-29 22:07:26 +0200 |
commit | b583e7c1527efe98499ebb449e106d7d73957f5b (patch) | |
tree | 4ef3291b61436c50d0d4d991ff062fed6530e5c0 | |
parent | glep-0063: Update and unify expiration term (diff) | |
download | glep-b583e7c1527efe98499ebb449e106d7d73957f5b.tar.gz glep-b583e7c1527efe98499ebb449e106d7d73957f5b.tar.bz2 glep-b583e7c1527efe98499ebb449e106d7d73957f5b.zip |
glep-0063: Require renewal 2 weeks before expiration
Add a rule requesting renewal of keys at least two weeks before their
expiration date, in order to give services time to refresh.
-rw-r--r-- | glep-0063.rst | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/glep-0063.rst b/glep-0063.rst index 9ba778b..ca834a8 100644 --- a/glep-0063.rst +++ b/glep-0063.rst @@ -33,6 +33,10 @@ v2 by a single requirement. The rules have been simplified to use the same maximum time of 900 days for both the primary key and subkeys. + An additional rule requesting key renewal 2 weeks before expiration + has been added. This is in order to give services and other developers time + to refresh the key. + v1.1 The recommended RSA key size has been changed from 4096 bits to 2048 bits to match the GnuPG recommendations [#GNUPG-FAQ-11-4]_. @@ -83,7 +87,10 @@ not be used to commit. 4. Expiration date on key and all subkeys set to no more than 900 days into the future -5. Upload your key to the SKS keyserver rotation before usage! +5. Key expiration date renewed at least 2 weeks before the previous + expiration date + +6. Upload your key to the SKS keyserver rotation before usage! Recommendations --------------- |