RekeySecretAdminMonitor should be generalized so that done is not a simple boolean, but a numeric counter which gets compared to a constant that is incremented each time we ship a security fix that might have compromised master.key. The call to isUpgradedFromBefore(new VersionNumber("1.496.*")) needs to be somehow changed. And Messages.pleaseRekeyAsap needs to be generalized.

Probably there should also be a button in /configureSecurity allowing an admin to initiate rekeying at any other time that they suspect keys might have been compromised.