Rotate actor key once a day by default, instead of once an hour
I'm not sure what the best balance is, but once an hour may end up causing a lot more key re-fetch requests coming from other servers. I prefer to default to once a day for now (maybe even once a week) and tighten it later if needed. Caveat: If an instance key is rotated once a day, there's no change-key-right-after-toot-deletion thing for deniability. Potentially, rotation may happen only 24 hours after that deletion, which is much more than 1 hour. On the other hand, it's a whole instance key, not personal key of the actor.
This commit is contained in:
parent
8ac559d064
commit
fbc9ad2b30
1 changed files with 1 additions and 1 deletions
|
@ -42,7 +42,7 @@ request-time-limit:
|
||||||
# How often to generate a new actor key for HTTP-signing requests
|
# How often to generate a new actor key for HTTP-signing requests
|
||||||
actor-key-rotation:
|
actor-key-rotation:
|
||||||
amount: 1
|
amount: 1
|
||||||
unit: hours
|
unit: days
|
||||||
|
|
||||||
###############################################################################
|
###############################################################################
|
||||||
# Development
|
# Development
|
||||||
|
|
Loading…
Reference in a new issue