Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cmd/litcli: change default session expiry to 3 months #334

Merged
merged 1 commit into from
Feb 28, 2022
Merged

cmd/litcli: change default session expiry to 3 months #334

merged 1 commit into from
Feb 28, 2022

Conversation

guggero
Copy link
Member

@guggero guggero commented Feb 23, 2022

The default expiry of one hour was way too short for anything practical
and we increase it to 90 days which is almost three months.
The user can still override this value manually by specifying the flag.

@guggero
cmd/litcli: change default session expiry to 3 months
a37b563 
The default expiry of one hour was way too short for anything practical
and we increase it to 90 days which is almost three months.
The user can still override this value manually by specifying the flag.
jamaljsr
jamaljsr approved these changes Feb 23, 2022
View reviewed changes
Copy link
Member

@jamaljsr jamaljsr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tACK LGTM 👍

@Roasbeef
Copy link
Member

As mentioned offline, won't matter once the second handshake is introduced into LNC, but good to patch this up now so people don't need to regenerate pairing phrases if they don't immediately use one of them.

@guggero
Copy link
Member Author

guggero commented Feb 24, 2022

Hmm, I think I missed or misunderstood that part. So the expiry was always thought of as "maximum time until first use/pairing" and not as "make sure a session cannot be used indefinitely by adding a maximum lifetime"? Or would we instead implement the maximum lifetime (once the second handshake is implemented) through a macaroon caveat? Or would a session be "valid until manually revoked"?

@Roasbeef
Copy link
Member

Hmm, I think I missed or misunderstood that part.

Ah no it's me that's misunderstanding, you're correct in that after we introduce the second handshake, this all still applies.

@Roasbeef
Copy link
Member

The only other change that'll come along with the second handshake is that we'd disallow using the pairing phrase again (naive impl would be just to delete/forget it on the server side).

ellemouton
ellemouton approved these changes Feb 28, 2022
View reviewed changes
Copy link
Member

@ellemouton ellemouton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tACK 🚀

@guggero guggero merged commit 0f7b1ec into master Feb 28, 2022
@guggero guggero deleted the cli-default-expiry branch June 27, 2022 17:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ellemouton ellemouton ellemouton approved these changes

@jamaljsr jamaljsr jamaljsr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@guggero @Roasbeef @jamaljsr @ellemouton