On 01/19/2016 09:16 AM, Patrick Brunschwig wrote:
> On 19.01.16 04:36, Doug Barton wrote:
>> I switched to a more recent nightly build tonight, and got this
>> helpful piece of advice:
>>
>> Your key [...] will expire in less than 30 days.
>> We recommend that you create a new key pair and configure the
>> corresponding accounts to use the new key
>>
>> I'm not sure where the idea that keys that are close to their expiry
>> date should be scrapped and replaced came from, but it's something
>> we need to stomp out, not encourage.
>>
>> Instead, the advice should be to extend (or better yet, eliminate)
>> the expiry, and republish to the key servers.
>
> I don't agree with your statement. If you create a key in Enigmail, it
> is valid for 5 years by default. I consider it good practice to
> replace a key after this period.

Why?

> If you are an advanced user, you can
> also create new subkeys, but that's not the target audience I have in
> mind with this warning.

I agree that we should not be advocating new subkeys for un-advanced users.

> And I am strongly against completely deleting the expiry date from a
> key. This is the opposite of what I would want to propose to the users.
>
>> Meanwhile, there is a problem with the routine itself ... the key
>> in question has already expired. I'm not sure if that's a problem
>> with the detection code, or if there is simply no message other
>> than the one presented. But either way it should be fixed.
>
> The check is ignorant of keys that have already expired but are still
> configured. The message is only shown if upon upgrading to v1.9 such a
> configuration exists. I decided that I leave the message in its pretty
> simple form because the code would get significantly more complex if
> I'd have to solve this properly for a pretty small benefit.

Avoiding user confusion is not a small benefit. :) But you also answered
another question about how often the check is run, so thanks.

I was sort of hoping that this was part of a "periodic" check of the
user's key(s), but then I started pondering how frequent such a check
should be, and how to trigger it inexpensively, and couldn't come up
with good answers. I'm sure someone who knows the code better probably
could ...

Meanwhile, I'm concerned that by making expiration dates not only the
default, but the recommendation, that we're going farther down the road
of making things more complicated than they need to be for users who are
not advanced. I'm interested to hear your reasoning on this.

Doug
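
The case raised in the thread, an already-expired key being shown the "will expire in less than 30 days" wording, comes down to testing for the expired state before testing the warning window. A sketch of that check follows, added here as an example and not taken from Enigmail: the function names, key IDs and sample records are constructed, and it assumes the expiry sits in field 7 of gpg's `--with-colons` listing as epoch seconds.

```javascript
// Added example, not Enigmail code. Records follow the colon layout of
// `gpg --list-keys --with-colons`: field 1 = record type, field 5 = key ID,
// field 7 = expiry in epoch seconds (empty = key does not expire).
const DAY = 86400;
const NOW = 1453161600; // 2016-01-19 00:00:00 UTC, fixed so results are reproducible

// Constructed sample listing (key IDs are made up).
const SAMPLE = [
  "pub:e:4096:1:AAAAAAAAAAAAAAAA:1293840000:1451606400::-:::sc:",    // expired 2016-01-01
  "pub:u:4096:1:BBBBBBBBBBBBBBBB:1293840000:1454284800::u:::scESC:", // expires 2016-02-01
  "pub:u:4096:1:CCCCCCCCCCCCCCCC:1293840000:1609459200::u:::scESC:", // expires 2021-01-01
  "pub:u:4096:1:DDDDDDDDDDDDDDDD:1293840000:::u:::scESC:",           // no expiry set
  "uid:u::::1293840000::0000::Constructed User <user@example.org>:",  // not a key record
].join("\n");

// Classify one record. The expired test comes first, so a key that is
// already past its date never falls into the "expiring soon" branch.
function classifyKey(record, nowSec, warnDays = 30) {
  const f = record.split(":");
  if (f[0] !== "pub" && f[0] !== "sec") return null; // skip uid/sub/fpr lines
  const keyId = f[4];
  if (!f[6]) return { keyId, status: "no-expiry", days: null };
  const expires = Number(f[6]);
  // Anything that is not plain epoch seconds is reported, not guessed at.
  if (!Number.isFinite(expires)) return { keyId, status: "unparsed", days: null };
  const days = Math.floor((expires - nowSec) / DAY);
  if (expires <= nowSec) return { keyId, status: "expired", days };
  if (days < warnDays) return { keyId, status: "expiring-soon", days };
  return { keyId, status: "ok", days };
}

// Classify every primary-key record in a listing.
function checkKeys(listing, nowSec, warnDays = 30) {
  return listing.split("\n")
    .map((line) => classifyKey(line, nowSec, warnDays))
    .filter(Boolean);
}

// Distinct wording per state; returns null when nothing needs to be shown.
function messageFor(r) {
  if (r.status === "expired") return `Key ${r.keyId} expired ${-r.days} days ago.`;
  if (r.status === "expiring-soon") return `Key ${r.keyId} will expire in ${r.days} days.`;
  return null;
}

for (const r of checkKeys(SAMPLE, NOW)) {
  const msg = messageFor(r);
  if (msg) console.log(msg);
}
```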