Page MenuHome GnuPG

Kleopatra: Configurable default for certification expiry
Closed, ResolvedPublic

Description

When certifying certificates you can already set an expiry time. The main use case for that is that if you are some kind of company CA that certifies the employees keys you want to enforce validity settings based on your company guidelines so that when an employee later extends their certificate this extension needs to be validated by you as the CA again.

A setting for that would reduce the steps such a person would always need to check / click.

Event Timeline

aheinecke created this task.
aheinecke added a project: Restricted Project.

Eva this is a bit related to the certification documentation and we talked about this last week.

I suppose this means that, optionally, the certification should expire at the same date/time as the current validity of the certificate. Or shall this be a configurable fixed validity period of certifications?

This can be a fixed validity period of the certifications. So like 3 years. Even if the user has set the certificate to be valid for only one year the user could then extend it in my opinion to the full 3 years before the certification loses the validity.

ikloecker renamed this task from Kleopatra: Confiugurable default for certification expiry to Kleopatra: Configurable default for certification expiry.Apr 24 2023, 12:32 PM
ikloecker claimed this task.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

The default validity of certifications is now configurable via the setting CertificationValidityInDays in the group [Certification]. It cannot be configured in the UI.

ikloecker changed the task status from Open to Testing.Apr 25 2023, 11:39 AM
ikloecker removed ikloecker as the assignee of this task.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ebo claimed this task.
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

works