vcs:commit-signing
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | |||
vcs:commit-signing [2021/04/01 14:56] – log.showSignature pollita | vcs:commit-signing [2021/04/01 16:48] (current) – improve documentation around key expiration bishop | ||
---|---|---|---|
Line 341: | Line 341: | ||
==== Do I need a passphrase? ==== | ==== Do I need a passphrase? ==== | ||
- | Yes. If you' | + | Yes. If your private key falls into the wrong hands, they' |
==== Should my key expire? ==== | ==== Should my key expire? ==== | ||
- | This guide created an immortal key (see step 2). If you are sufficiently paranoid and do not mind periodic bookkeeping, then by all means create a key that is short lived. An expired key acts like a deleted | + | This guide created an immortal key (see step 2), because //for this use case// [[https:// |
- | + | ||
- | As part of regular | + | |
+ | As part of regular security hygiene, however, consider creating a new key and replacing the old one at GitHub annually. | ||
vcs/commit-signing.1617288969.txt.gz · Last modified: 2021/04/01 14:56 by pollita