summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichał Górny <mgorny@gentoo.org>2018-07-04 12:11:18 +0200
committerMichał Górny <mgorny@gentoo.org>2018-07-29 22:07:26 +0200
commitb583e7c1527efe98499ebb449e106d7d73957f5b (patch)
tree4ef3291b61436c50d0d4d991ff062fed6530e5c0
parentglep-0063: Update and unify expiration term (diff)
downloadglep-b583e7c1527efe98499ebb449e106d7d73957f5b.tar.gz
glep-b583e7c1527efe98499ebb449e106d7d73957f5b.tar.bz2
glep-b583e7c1527efe98499ebb449e106d7d73957f5b.zip
glep-0063: Require renewal 2 weeks before expiration
Add a rule requesting renewal of keys at least two weeks before their expiration date, in order to give services time to refresh.
-rw-r--r--glep-0063.rst9
1 files changed, 8 insertions, 1 deletions
diff --git a/glep-0063.rst b/glep-0063.rst
index 9ba778b..ca834a8 100644
--- a/glep-0063.rst
+++ b/glep-0063.rst
@@ -33,6 +33,10 @@ v2
by a single requirement. The rules have been simplified to use
the same maximum time of 900 days for both the primary key and subkeys.
+ An additional rule requesting key renewal 2 weeks before expiration
+ has been added. This is in order to give services and other developers time
+ to refresh the key.
+
v1.1
The recommended RSA key size has been changed from 4096 bits
to 2048 bits to match the GnuPG recommendations [#GNUPG-FAQ-11-4]_.
@@ -83,7 +87,10 @@ not be used to commit.
4. Expiration date on key and all subkeys set to no more than 900 days
into the future
-5. Upload your key to the SKS keyserver rotation before usage!
+5. Key expiration date renewed at least 2 weeks before the previous
+ expiration date
+
+6. Upload your key to the SKS keyserver rotation before usage!
Recommendations
---------------