Open Stack

On May 14, 2013, at 10:06 PM, John Wood <john.wood at RACKSPACE.COM> wrote:

> Related to the previous email, what attributes of a secret can be modified after it is created?  It seems that only the expiration date could be modified, but perhaps that needs to be restricted to just null to non-null-date transitions (i.e. more restrictive)?  
> 
> Thanks,
> John

Should we even allow alteration of existing secrets at all? Maybe secret expiry should be immutable from the moment of creation? If you want your secret to not expire (or expire later) you could then create another one and begin encrypting your data with that (even if it ends up being the same key under the hood).

-Paul