[Dev] certificates have been renewed

Michał Masłowski mtjm at mtjm.eu
Thu Feb 21 21:15:17 GMT 2013

>> This doesn't suggest them being updated, we could remove them and use
>> the *.parabolagnulinux.org certificates.
> no, i just renewed the keys i mentioned

Ok, I've changed it to use the wildcard certificate.

>> We could have one key pair at once on both servers, renew the public key
>> once per six months and replace the private key once or twice per year.
>> Having more than one key per server leads to forgotten keys like the
>> mail one.  Two separate keys one for each server will have overlapping
>> names, so they shouldn't be more secure than one key for both.
> why would it be necessary to change keys? for security problems?

I don't remember where I have read that it's useful for security.  It's
not harder to replace both keys from user's usability point of view.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20130221/197603ea/attachment.sig>

More information about the Dev mailing list