Comment by sandeepkd
12 hours ago
I think the take on key lifetime is premature which taking into consideration
1. How key is used
2. Whats the threat vector
3. Cost of key rotation
4. Cost of key verification
At the end of the day its a trade off, the business use case, your expertise and the risk have to be evaluated together
No comments yet
Contribute on Hacker News ↗