RFC on issue 2701, default expiration time for new keys

ilf ilf at zeromail.org
Wed Dec 7 14:33:29 CET 2016

Justus Winter:
> I decided that it is a bad idea to let users create keys that don't 
> expire (unless they want to hang themself with --expert).


> This now begs the question what a good default expiration time is.

The "OpenPGP best practices" document currently sais "less than two 

I would propose one or two years, but that's without hard data. I'm sure 
dkg will come up not only with the correct time, but also the right 
reasons. :)


Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
		-- Eine Initiative des Bundesamtes für Tastaturbenutzung
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: </pipermail/attachments/20161207/09fd3381/attachment.sig>

More information about the Gnupg-devel mailing list