expired PGP keys in handbook

dougb at freebsd.org dougb at freebsd.org
Thu Sep 9 23:01:43 UTC 2010

On 9/8/2010 11:05 AM, Tilman Keskinöz wrote:
> Hello doc people
> While updating my expired PGP key, i noticed i am not the only one:
> grep "expires: 200" doc/share/pgpkeys/* | grep -v sub | wc -l
>        11
> Maybe those committers that are still active should be poked to update
> their keys.

The best way to approach this is to poke people on an individual basis. 
I do this from time to time, but try not to do it so often as to be 
*overwhelmingly* annoying. :)  Perhaps if I was not the only one doing 
it people would begin to see that this is an important area to keep up 
to date.

OTOH, there is sometimes a valid reason to keep an expired key in the 
project keyring if that key has signed things in the past that we want 
to be able to easily verify signatures for in the future.

OTOOH, there is hardly ever a good reason to set an expiration date for 
a key, and most people would be better served simply removing the expiry 
and pushing out the updated key. :)



	... and that's just a little bit of history repeating.
			-- Propellerheads

	Improve the effectiveness of your Internet presence with
	a domain name makeover!    http://SupersetSolutions.com/

More information about the freebsd-doc mailing list