Should new GPG keys be defaulted to expire?
Reported by C Fraire | February 29th, 2012 @ 06:15 PM | in 1.0 (closed)
Hi. I was wondering whether GPG Keychain Access should default to creating keys with a five year expiration.
The GNU Privacy Handbook advised "For most users a key that does not expire is adequate." And command-line gpg defaults to non-expiring.
GPG Keychain Access defaults to a five year expiration and hides is under Advanced Options.
What are the thoughts?
Comments and changes to this ticket
-
steve February 29th, 2012 @ 06:22 PM
- State changed from “new” to “wontfix”
Hey C,
you input is very helpful and valuable to us. Just a general note: for such things as this it is not actually a bug but rather a feature request or a topic that needs to be discussed or a general question. All those things better fit on the support platform since we try to keep this ticket system as clean as possible.
Then others can chime in and it is a great way to exchange thoughts. The ticket system is not the place for that.
To answer your question: We believe that expiring keys might suit first time users best, because any mistakes you make with your first key won't hurt in the far future (e.g. should you loose your sec key or whatever else could happen). That's why we set the expiration date to five years.
If you still want to exchange further thoughts on this, no problem: just open a discussion on http://support.gpgtools.org/
-
steve June 18th, 2015 @ 01:22 PM
- State changed from “wontfix” to “released”
- Importance cleared.
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
C Fraire
steve