Q1. What is the problem that you are trying to solve?
Currently there is no way to replace the key of a user if it has been compromised, lost or expired.
Q2 - Who is impacted?
Everyone, especially people that have set expiry date on gpg keys.
Q3 - Why is it important and/or urgent?
It is part of good key hygiene to rotate keys.
Q4 - What is your proposed solution? (optional)
TBD
Here’s a current workaround:
In the meantime you could create another user and transfer your passwords to them and then switch to that user.
In order to change the private key passphrase you can export your private key, change the passphrase in another gpg compatible tool (gnupg command line tool for example), then do a recover and import the udpated key.
Most (all ?) serious PKI setup expiry dates to the keys they deliver.
It could be hard to promote passbolt as a serious secret manager if it considers that a key never expires…
True. One could argue that Passbolt should have never been released without this feature, just because it kinda works. I’m still thankful they released PB. Still, this feature needs to come.
Must have: this is critical for me to have this
Should have: this is important for me to have this
Could have: this could be nice to have
Won’t have: we should not schedule this (explain why)