| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=wiaA0JL0TshZpQOwRoPsmRT7xKoHniv8gkdTdn+LF3oXA@mail.gmail.com>
Date: Fri, 8 Sep 2023 21:57:55 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Matthew Wilcox <willy@...radead.org>
Cc: linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-mm@...ck.org
Subject: Re: [GIT PULL] XArray for 6.6
On Fri, 8 Sept 2023 at 10:44, Matthew Wilcox <willy@...radead.org> wrote:
>
> I had to update the expiration on my signing key. I don't know if you
> pay attention to that, or whether my attempts to get my updated expiration
> date into the system were successful.
I'm sadly much too used (resigned?) to pgp keys being expired, so I
mostly ignore it, apart from the occasional internal swearing at
people who thought it was ever a good idea.
So exactly because the pgp key server infrastructure works so badly
these days, may I suggest either getting rid of expiration dates, or
at least putting them *far* in the future?
Honestly, the argument for expiration dates was never very strong, and
with how badly updates work, the constant low-grade annoyance from
them isn't worth it.
Because no, a "gpg --refresh" certainly did *not* get any expiration
day updates here. So your key does indeed show that it is expired for
me.
Which just should drive home how #$!* useless those expiration dates
are. Really.
So again - please stop expiring your keys, at least in any foreseeable
near future. The pgp key infrastructure isn't set up for it.
Make the expiration date go away, or make it a decade or two in the
future, and maybe it will show as active and valid some day.
Linus
Powered by blists - more mailing lists