Renewing expiring key - done correctly?

Johannes Zarl johannes at zarl.at
Wed Dec 4 00:39:46 CET 2013


On Wednesday 04 December 2013 00:20:10 Hauke Laging wrote:
> Am Mi 04.12.2013, 00:00:21 schrieb Johannes Zarl:
> > Sorry for asking a possibly stupid question, but how exactly does a
> > shorter
> > validity period get you more security?
> 
> This is the security against the possibility that
> 
> a) the key has been compromised and revoked and you don't know that (because
> your last certificate update was before the revocation publishing)

Ok.

> b) the key has been compromised and cannot be revoked (because the owner has
> lost access to the secret mainkey and has neither a revocation certificate
> nor a (usable) designated revoker)

Isn't that just a false sense of security? After all, if the key has been 
compromised, the attacker can just prolong the validity like the real owner 
would do (I guess even after the key has been expired).

> Imagine a certificate which is always prolonged for just one day. If this
> gets compromised then it will not be prolonged any more (at least not by
> its owner but we all love our highly secure offline mainkeys, don't we?) so
> everyone will notice that within hours.

I'm not sure if I get that example. To me it seems either that the attacker 
can just renew the key as the owner would (entire key is compromised), or that 
the owner can just issue a revocation certificate (only subkey is 
compromised).

> On the other hand imagine a certificate which never expires and a lazy user
> (who seldom uses that key). Even a year after its revocation the lazy user
> may not have noticed the revocation yet. And thus encrypts critical
> information to the compromised key. Or worse (because the key owner
> wouldn't notice): Uses it to validate software.

Ok, I can see the benefit here.

So in summary, the short validity period is essentially a reminder for people 
to regularly check whether the key has been revoked. And the security lies not 
in the expiry in itself, but in forcing people to refresh their keyrings.

Thanks!
  Johannes



More information about the Gnupg-users mailing list