Renewing expiring key - done correctly?
Hauke Laging
mailinglisten at hauke-laging.de
Wed Dec 4 01:53:46 CET 2013
Am Di 03.12.2013, 19:03:13 schrieb Robert J. Hansen:
> 1. The attacker can just extend the validity himself. He's
> successfully compromised the key, after all.
Sure but it makes little sense to play best practice in one part of key
management (expiration) and simultaneously worst practice (online mainkey) in
a much more important part of key management.
Hauke
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20131204/57e57282/attachment-0001.sig>
More information about the Gnupg-users
mailing list