RFC on issue 2701, default expiration time for new keys

Justus Winter justus at g10code.com
Mon Dec 12 10:48:53 CET 2016

Tobias Mueller <muelli at cryptobitch.de> writes:

> On Wed, Dec 07, 2016 at 01:23:42PM +0100, Justus Winter wrote:
>> inspired by the talk on OpenKeychain UX decisions at the OpenPGP
>> conference,  I decided that it is a bad idea to let users create keys
>> that don't expire (unless they want to hang themself with --expert).
>> This now begs the question what a good default expiration time is.
>> Thoughts?
> What does OpenKeychain do?

Hard to tell, I just tried to create a new key, and I have not been
asked for an expiration time on the master key, nor have I found a way
to view the expiration time of existing master keys.  It is possible to
configure expiration times for the subkeys, which do not expire by

> Were they asked to provide input reg. that question?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: </pipermail/attachments/20161212/4a5698d7/attachment-0001.sig>

More information about the Gnupg-devel mailing list