|
|
|
|
|
|
by fragmede
1729 days ago
|
|
|
"need to" is a bit much. One should absolutely regenerate keys but to every attackers delight (and every CISO's chagrin), that doesn't make it actually happen. For things that need to be secure, (forced) expiration of keys is an important part of the system as a whole. |
|
|