From fb7eef011cc672f1884bcfcd4c859a549d8f3e49 Mon Sep 17 00:00:00 2001 From: Ruben Pollan Date: Tue, 31 Oct 2017 11:02:00 +0100 Subject: [feat] extend the expiration of private keys if needed Check on every fetch of the private key if the expiration is less than two months before it expire. And extend the expiration if needed. - Resolves: #8217 --- docs/changelog.rst | 1 + docs/keymanager/index.rst | 10 ++++++++++ 2 files changed, 11 insertions(+) (limited to 'docs') diff --git a/docs/changelog.rst b/docs/changelog.rst index 20c6b7d6..4b2558a2 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -7,6 +7,7 @@ Changelog Features ~~~~~~~~ +- `#8217 `_: renew OpenPGP keys before they expire. - Set a windows title, so that Bitmask windows can be programmatically manipulated. Misc diff --git a/docs/keymanager/index.rst b/docs/keymanager/index.rst index 5bc66b6f..033292d5 100644 --- a/docs/keymanager/index.rst +++ b/docs/keymanager/index.rst @@ -47,6 +47,16 @@ Currently Bitmask can discover new public keys from different sources: Other methods are planned to be added in the future, like discovery from signatures in emails, headers (autocrypt spec) or other kind of key servers. +Key expiration dates +-------------------- + +KeyManager creates the OpenPGP key with the default expiration of gnupg, that currently is 2 years after the key creation. We want keys with expiration date, to be able to roll new ones if the key material get lost. + +We will reduce the default expiration lenght in the future. That will require the rest of OpenPGP ecosystem to have good refresh mechanisms for keys, situation that is improving in the last years. + +KeyManager extends one year the expiration date automatically two months before the key gets expired. + + Implementation: using Soledad Documents --------------------------------------- -- cgit v1.2.3