Best practice for periodic key change?

Hauke Laging mailinglisten at hauke-laging.de
Sat May 7 16:06:16 CEST 2011


Am Samstag, 7. Mai 2011, 15:54:21 schrieb MFPA:

> > and since the cost is so
> > low, that there is no point in not having them
> > (assuming, of course, that you separate master and
> > sub-keys).
> 
> You can't assume.

You can very well if you don't claim that for all cases but use this 
assumption for distinguishung between a useful and a useless use if expiration 
dates. AFAIR noone here on the list has claimed that it makes sense (with 
respect to security) to use key expiration dates without offline mainkeys. 
That is an important point in the discussion.


Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110507/612a7690/attachment.pgp>


More information about the Gnupg-users mailing list