From fbc9ad2b30d08dcb8283f49c7708fa284aeb14fb Mon Sep 17 00:00:00 2001 From: fr33domlover Date: Thu, 7 Feb 2019 23:28:39 +0000 Subject: [PATCH] Rotate actor key once a day by default, instead of once an hour I'm not sure what the best balance is, but once an hour may end up causing a lot more key re-fetch requests coming from other servers. I prefer to default to once a day for now (maybe even once a week) and tighten it later if needed. Caveat: If an instance key is rotated once a day, there's no change-key-right-after-toot-deletion thing for deniability. Potentially, rotation may happen only 24 hours after that deletion, which is much more than 1 hour. On the other hand, it's a whole instance key, not personal key of the actor. --- config/settings-default.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/settings-default.yaml b/config/settings-default.yaml index 7f8e8a6..4719090 100644 --- a/config/settings-default.yaml +++ b/config/settings-default.yaml @@ -42,7 +42,7 @@ request-time-limit: # How often to generate a new actor key for HTTP-signing requests actor-key-rotation: amount: 1 - unit: hours + unit: days ############################################################################### # Development