On Tue, 2013-06-18 at 10:12 +0200, Miroslav Suchy wrote:
I wonder why API token has expiration time just 30 days?
It seems too short for me.
E.g. Amazon have token without expiration (AFAIK). Fedora koji cert is
valid for one year.
Can we have expiration time longer? E.g. one year? Objections?
One year seems a lot to me. That's one year when someone can build
packages and we have no way of saying whether it is our fellow Fedora
contributor or not.
I would be better around 3 months, 6 months max.
Pierre