RFC on issue 2701, default expiration time for new keys
Ximin Luo
infinity0 at pwned.gg
Fri Dec 9 15:29:00 CET 2016
Peter Lebbing:
> On 09/12/16 14:55, Justus Winter wrote:
>> [...] 5) adds subkeys to an
>> existing key. Both allow one to specify an expiration time (optional,
>> or '-' to explicitly select the default, or the key words 'never' and
>> 'none'). By default the keys generated using this way do not expire.
>> I'd like to change that as well.
>
> What's the purpose of putting an expiry date on the subkeys? I thought
> this was mainly to deal with losing access to the private key material.
> Isn't that only relevant for the primary key?
>
No, some people like to split their secret master keys and subkeys. You can do --export-secret-subkeys then selectively import the subkeys.
X
--
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
https://github.com/infinity0/pubkeys.git
More information about the Gnupg-devel
mailing list