From owner-freebsd-doc@FreeBSD.ORG Thu Sep 9 23:01:43 2010 Return-Path: Delivered-To: freebsd-doc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C066F106567A for ; Thu, 9 Sep 2010 23:01:43 +0000 (UTC) (envelope-from dougb@freebsd.org) Received: from mail2.fluidhosting.com (mx21.fluidhosting.com [204.14.89.4]) by mx1.freebsd.org (Postfix) with ESMTP id 4BD7A8FC15 for ; Thu, 9 Sep 2010 23:01:43 +0000 (UTC) Received: (qmail 10653 invoked by uid 399); 9 Sep 2010 23:01:42 -0000 Received: from localhost (HELO ?192.168.0.142?) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTPAM; 9 Sep 2010 23:01:42 -0000 X-Originating-IP: 127.0.0.1 X-Sender: dougb@dougbarton.us Message-ID: <4C896758.90505@freebsd.org> Date: Thu, 09 Sep 2010 16:01:44 -0700 From: dougb@freebsd.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.9) Gecko/20100825 Thunderbird/3.1.3 MIME-Version: 1.0 To: =?ISO-8859-1?Q?Tilman_Keskin=F6z?= References: <4C87D051.1090806@FreeBSD.org> In-Reply-To: <4C87D051.1090806@FreeBSD.org> X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-doc@FreeBSD.org Subject: Re: expired PGP keys in handbook X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Sep 2010 23:01:43 -0000 On 9/8/2010 11:05 AM, Tilman Keskinöz wrote: > Hello doc people > > While updating my expired PGP key, i noticed i am not the only one: > > grep "expires: 200" doc/share/pgpkeys/* | grep -v sub | wc -l > 11 > > Maybe those committers that are still active should be poked to update > their keys. The best way to approach this is to poke people on an individual basis. I do this from time to time, but try not to do it so often as to be *overwhelmingly* annoying. :) Perhaps if I was not the only one doing it people would begin to see that this is an important area to keep up to date. OTOH, there is sometimes a valid reason to keep an expired key in the project keyring if that key has signed things in the past that we want to be able to easily verify signatures for in the future. OTOOH, there is hardly ever a good reason to set an expiration date for a key, and most people would be better served simply removing the expiry and pushing out the updated key. :) Doug -- ... and that's just a little bit of history repeating. -- Propellerheads Improve the effectiveness of your Internet presence with a domain name makeover! http://SupersetSolutions.com/