'Re: [gentoo-dev] validity of manifest signing key'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] validity of manifest signing key
From:       Marc Schiffbauer <mschiff () gentoo ! org>
Date:       2011-06-26 14:21:17
Message-ID: 20110626142117.GD2127 () lisa ! schiffbauer ! lan
[Download RAW message or body]


* Dane Smith schrieb am 25.03.11 um 12:35 Uhr:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 03/25/2011 05:47 AM, Thomas Kahle wrote:
> > Hi,
> > 
> > it says here http://www.gentoo.org/doc/en/gnupg-user.xml#doc_chap2 that
> > the validity should be <6 month.  What is the protocol when the expiry
> > date is approaching?
> > 
> > -) Extend expiry date and upload again?
> > -) Create new key (and sign with ?? ) ?
> > 
> > Cheers,
> > Thomas
> > 
> 
> Traditionally you start using your new key the day your old key expires.

Do you really mean a new key? This is not required. You can extend
the validity once you come close the expiry date (or do it after the
key has expired). 

-Marc
-- 
8AAC 5F46 83B4 DB70 8317  3723 296C 6CCA 35A6 4134

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic