Just to add my two cents without addressing any specific person's comments. This is my mindset on the whole whitelist/no/expire/etc:
1. Whitelist only sites you go to CONSTANTLY (daily or at least high frequency) AND you trust it (logic to follow if not obvious already)
2. Don't whitelist a site, even if you trust it unless its frequent use, just temp allow it (logic to come later)
3. Mark untrusted items you encounter through regular and constant interaction BUT not every single thing (#2 logic applies, will follow)
Simple as that and the following logic has kept me lean, efficient, to the point, completely safe and not bogged down with performance issues. #1, this allows you to efficiently and without having to constantly add/remove sites you visit regularly and can easily notice if something is wrong, from a productivity angle, this is sufficient, so why #2 then?
#2, making the list too long, even if you trust the sites you are putting on there, when you don't visit them regularly is a performance issue, the longer your list, the more parsing, the longer it takes and the more things can go wrong, its simple common sense. In this case temp allowing things you don't visit often will help you keep the performance and chances of list corruption to a minimum and a simple closing the browser, poof they are gone. Ok, maybe I agree but why #3 then?
#3, has the same common sense approach as #2 with regard to list length and performance and corruption. Also, unless you are encountering the "bad" site constantly and each and every day, why have the sites validate against a huge list slowing performance or possible false positives, there are so many more ways to block bad sites than putting them on the untrusted list as a general blanket.
Anyway, that's my thinking and therefore makes the whole make whitelist/untrusted items expire thing moot to me. If you had a reason to put it there, then it should be up to you to take the time to remove it, not have it be done for you on a schedule, that defeats the purpose of why its there to begin with. Many of you know that I consider safety a proactive thing and it should NOT be easy or complacency sets in and people fall into grooves of false sense of security. If you take the time to evaluate it, put it on there or remove it willfully and intentionally, then you are more likely to be safe, happy and KNOW what you got going on. There is no surprises, no "oh I thought it was blocked", or "oh I thought that was allowed", so on and so forth. </end blabbing>
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:188.8.131.52) Gecko/2009060215 Firefox/3.0.11