W dniu pią, 06.07.2018 o godzinie 06∶36 +0000, użytkownik Robin H. Johnson napisał: > On Thu, Jul 05, 2018 at 10:53:51PM +0200, Michał Górny wrote: > > Here's third version of the patches. I've incorporated the feedback > > so far and reordered the patches (again) to restore their > > degree-of-compatibility order. The full text is included below. > > ... > > v2 > > The distinct minimal and recommended expirations have been replaced > > by a single requirement. The rules have been simplified to use > > the same time of 2 years for both the primary key and subkeys. > > -the same time of 2 years ... > +the same 2 year maximum renewal time ... > > > An additional rule requesting key renewal 2 weeks before expiration > > has been added. This is in order to give services and other developers > > time > > to refresh the key. > > Do we want to state that infra will start contact devs before this, or > keep that as an implementation detail?
Implementation detail. > > > 4. Expiration date on key and all subkeys set to at most 2 years > > -at most 2 years. > +at most 2 years from generation or refresh of expiry. Now, this won't really work because it's self-propagating date. You're soon going to see keys with 10 years to expiration because if you update the date 5 times from 'refresh of expiry', that's what you get. I get what you're trying to say but I can't really think of a sane way of stating that. Maybe I should just explicitly state '(plus the period specified in point 5)'. > > > Recommendations > > --------------- > > ... > > 3. Key expiration renewed annually > > Can we please suggest it's updated to a fixed day of the year? Sure. > > > Gentoo LDAP > > =========== > > ... > > All Gentoo developers must list the complete fingerprint for their primary > > keys in the "``gpgfingerprint``" LDAP field. It must be exactly 40 hex > > digits, > > uppercase, with optional spaces every 8 hex digits. Regular expression for > > validation:: > > Can we please drop the spaces in the field in LDAP. I don't care if we > display it with spaces, but dropping them in LDAP would be helpful. I'm all for it. I really do wonder how they ended up there in the first place. > > > Copyright > > ========= > > Copyright (c) 2013 by Robin Hugh Johnson, Andreas K. Hüttel, Marissa > > Fischer. > > Please update the copyright date: > 2013,2018 > and add yourself as a copyright owner for the scale of these changes. > -- Best regards, Michał Górny
signature.asc
Description: This is a digitally signed message part