| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 20 Jan 2024 11:35:18 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: James Bottomley <James.Bottomley@...senpartnership.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>, linux-scsi <linux-scsi@...r.kernel.org>,
linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [GIT PULL] final round of SCSI updates for the 6.7+ merge window
On Sat, 20 Jan 2024 at 11:09, James Bottomley
<James.Bottomley@...senpartnership.com> wrote:
>
> It also seems that this magic option combination works better (just
> tried it on an old laptop that had my expired keys)
>
> gpg --auto-key-locate clear,dane --locate-external-key james.bottomley@...senpartnership.com
So now I have a new subkey.
However, I note that you really do not seem to have gotten the message:
sub nistp256 2018-01-23 [S] [expires: 2026-01-16]
E76040DB76CA3D176708F9AAE742C94CEE98AC85
WTF? What happened to "stop doing these idiotic short expirations"?
What's the advantage of all this stupid and pointless pain? Why didn't
you extend it by AT LEAST five years?
Has the expiration date *EVER* had a single good reason for it?
>From a quick git lookup, in the last year I have pulled from 160
people. Imagine if they all set two-year expiration dates. Do the
math: I'd see pointlessly expired keys probably on average once or
twice a week.
Guess why I don't? BECAUSE NOBODY ELSE DOES THAT POINTLESS EXPIRY DANCE.
Why do you insist on being the problem?
Stop it. Really. I'm tired of the pointless extra work. PGP keys are a
disaster, and you keep on making things worse than they need to be.
Linus
Powered by blists - more mailing lists