confusion in ank.

Russ Allbery rra at stanford.edu
Mon Apr 23 13:59:06 EDT 2007


Daniel Kahn Gillmor <dkg-mit.edu at fifthhorseman.net> writes:

> i agree that it's worthwhile to support expiration policy for
> randomly-generated keys.

I do too.  Audits often require that one rekey a system on a periodic
basis, and being able to enforce that with expiration policy is useful.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the Kerberos mailing list