expiring gpg keys

David Shaw dshaw at jabberwocky.com
Sat Jan 24 21:07:21 CET 2009


On Jan 24, 2009, at 2:15 PM, David Newman wrote:

> Michael Lucas' gpg/pgp book recommends setting a relatively short
> expiration time, such as a year, for personal keys.
>
> Would an expired key still work into the future? If, for example, I
> sign/encrypt a file today using a key that expires next year, would  
> I be
> able to decrypt the file three years from now?

Yes.

> I've been using a key that never expires to sign/encrypt mail and  
> files
> on the assumption that keys with discrete lifetimes don't work after
> their expiration dates.

That is not the case.  You won't be able to make new signatures or  
encrypt new files with an expired key, but you can still verify old  
signatures and decrypt old files after expiration.

David




More information about the Gnupg-users mailing list