Cargo should use TLS certificates instead of tokens. There are no “prying eyes” issues and there’s built-in expiration, and by allowing multiple client certificates for the same account you still get all the benefits you have today.
This is just a simple way to prevent account/crate hijacking. We already have all the libraries we need for it, both on the crates.io end and the Cargo end, so it’s just a matter of using them to their full extent.
Oh yeah, and of course the client has full control over expiration. So they could provide something valid for 100 years and that’d be fine.
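As an added illustration of the registry side of this proposal (not Cargo or crates.io code, and not from the post's author), here is a small Go sketch, Go being used because its standard library can mint and parse X.509 certificates offline: the client mints a client-auth certificate with whatever validity window it wants, the registry enrolls any number of certificate fingerprints per account, and an authorization step maps a presented certificate back to its account while rejecting expired, not-yet-valid, or unenrolled certificates. The names `issueClientCert`, `Registry`, `Enroll` and `Authorize` are hypothetical, and the sketch assumes the TLS handshake has already verified that the client holds the certificate's private key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// issueClientCert mints a self-signed client-auth certificate with a validity
// window the client chooses itself (the post's "client controls expiration").
func issueClientCert(notBefore, notAfter time.Time) (*x509.Certificate, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		NotBefore:    notBefore,
		NotAfter:     notAfter,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Registry stands in for crates.io (hypothetical): certificate fingerprint ->
// account; one account may enroll several certificates (laptop, CI runner, ...).
type Registry map[string]string

func fingerprint(c *x509.Certificate) string { return fmt.Sprintf("%x", sha256.Sum256(c.Raw)) }

func (r Registry) Enroll(account string, c *x509.Certificate) { r[fingerprint(c)] = account }

// Authorize resolves a presented, TLS-verified certificate to its account and
// rejects anything expired, not yet valid, or never enrolled.
func (r Registry) Authorize(c *x509.Certificate, now time.Time) (string, error) {
	if now.Before(c.NotBefore) || now.After(c.NotAfter) {
		return "", errors.New("client certificate outside its validity window")
	}
	if account, ok := r[fingerprint(c)]; ok {
		return account, nil
	}
	return "", errors.New("client certificate not enrolled for any account")
}
```

Revoking one machine's access is then just deleting its fingerprint from the map, leaving the account's other certificates untouched.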