On Mon, 31 Jan 2011 14:12:24 -0500, nicolas vigier <[email protected]> wrote:
So the only use of expiration date I see is to check that the key was updated from keyserver recently. Maybe we can set a short expiration time (15 days ?), and have something in cron to update it a few days before it expire ?
What about systems that are not connected to the internet? I see no point in having the key expire. If a person chooses to install an old version after the release has reached end of life, that is their choice. They shouldn't have to jump through hoops, just to get the installer to run. If a key gets compromised, it gets revoked, and the revocation certificate gets distributed as an update, along with a new key. Regards, Dave Hodgins
