On 06/18/2013 10:15 AM, Pierre-Yves Chibon wrote:
> One year seems a lot to me. That's one year when someone can build
> packages and we have no way of saying whether it is our fellow Fedora
> contributor or not.
> It would be better around 3 months, 6 months max.
How is this safer? How does this differ from 30 days or even one day?
If a user's token is compromised then it is his duty to generate a new token
(which will automatically invalidate the previous token).
Let's assume a super idiot user who generates a new token and
immediately posts it on Facebook. It actually then does not matter whether the
expiration period is two days or 30 days or one year.
If one user account is compromised, only his repos will be compromised.
No one else should be affected. It will be the fault of such users.
Can we rather assume that our users are smart? And instead of bothering
them to regenerate the token every month, provide them with tools to detect
that their account has been compromised, e.g. provide them with a list of IP
addresses which used their account.
Do you agree?
Mirek
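The two mechanisms argued about above, regenerating a token invalidating the previous one and a per-account list of IPs that used the token, as an added, hypothetical example. This is not code from the thread or from the build service being discussed; the class names, the SHA-256 hashing of tokens at rest, the default one-year lifetime and the scenario in `demo()` (including its IP addresses) are all constructed for illustration.

```python
"""Toy API-token store: issuing a new token revokes the old one, and every
successful use is logged with the caller's IP so the account owner can
review where the token was used. Hypothetical example, not the project's code."""
import hashlib
import secrets
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass
class TokenRecord:
    token_hash: str            # only the hash is stored server-side
    expires_at: datetime
    revoked: bool = False
    uses: list = field(default_factory=list)   # (timestamp, ip) pairs


class TokenStore:
    def __init__(self, lifetime=timedelta(days=365)):   # assumed default lifetime
        self.lifetime = lifetime
        self.by_user = {}   # username -> current TokenRecord
        self.by_hash = {}   # token_hash -> (username, TokenRecord)

    @staticmethod
    def _hash(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, username, now):
        """Mint a fresh token; the user's previous token, if any, is revoked."""
        old = self.by_user.get(username)
        if old is not None:
            old.revoked = True
        token = secrets.token_urlsafe(32)
        rec = TokenRecord(self._hash(token), now + self.lifetime)
        self.by_user[username] = rec
        self.by_hash[rec.token_hash] = (username, rec)
        return token

    def authenticate(self, token, ip, now):
        """Return the username if the token is live and record the caller's IP
        against it; return None for an unknown, revoked or expired token."""
        entry = self.by_hash.get(self._hash(token))
        if entry is None:
            return None
        username, rec = entry
        if rec.revoked or now >= rec.expires_at:
            return None
        rec.uses.append((now, ip))
        return username

    def ips_for(self, username):
        """Distinct IPs that used the user's current token, in first-seen order."""
        rec = self.by_user.get(username)
        if rec is None:
            return []
        seen = []
        for _, ip in rec.uses:
            if ip not in seen:
                seen.append(ip)
        return seen


def demo():
    """Constructed scenario: the token leaks, an attacker uses it from an
    unfamiliar IP, the owner spots that IP in the list and regenerates the
    token; the leaked token stops working immediately, long before expiry."""
    store = TokenStore()
    t0 = datetime(2013, 6, 18, 10, 15)
    token = store.issue("mirek", t0)
    owner_ok = store.authenticate(token, "192.0.2.10", t0)
    attacker = store.authenticate(token, "203.0.113.7", t0 + timedelta(hours=1))
    ips = store.ips_for("mirek")                       # owner reviews this list
    new_token = store.issue("mirek", t0 + timedelta(hours=2))
    old_after = store.authenticate(token, "203.0.113.7", t0 + timedelta(hours=3))
    new_ok = store.authenticate(new_token, "192.0.2.10", t0 + timedelta(hours=3))
    expired = store.authenticate(new_token, "192.0.2.10", t0 + timedelta(days=366))
    return {"owner_ok": owner_ok, "attacker_seen": attacker, "ips": ips,
            "old_after_regen": old_after, "new_ok": new_ok, "expired": expired}


if __name__ == "__main__":
    print(demo())
```

The point the scenario makes concrete is the one under debate: the leaked token is usable until the owner regenerates, whatever the configured lifetime, so the IP list is what shortens the exposure window, while the expiry check only bounds it for a token the owner never touches again.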