First steps with GPG, am I off to a good start?

Hauke Laging mailinglisten at hauke-laging.de
Sat Oct 12 04:22:29 CEST 2013


On Fri 11.10.2013, 19:09:19, Doug Barton wrote:
> On 10/10/2013 06:32 PM, Hauke Laging wrote:
> | I know of no good reason for creating a mainkey without expiration date.
> 
> I know of no good reason to use expiration dates at all.
> 
> Most end users don't know how to properly refresh their key rings,

So avoiding the "I'm an idiot" message is not a good idea but not teaching 
people simple tasks is. I beg to differ.


> you extend the expiration date you will simply inconvenience anyone who
> is trying to communicate with you via encryption,

I don't care much about people who are not willing to learn how to use the 
tools right. The tools can be made easier, information can be made easier to 
access, the number of people who can be asked should anyway be increased by 
orders of magnitude (unfortunately, that's the hard part).

If someone is neither willing to do it right nor willing to ask somebody then 
I will certainly not reduce security or convenience for the other ones just to 
do him a favor. The aim of my recommendations is to make the whole crypto 
environment better, not to please single people.


> And what is the threat model that expirations are supposed to cover
> anyway?

If there is a real threat then it is probably rarely going to happen. But the 
point is: Threats are not the only argument for crypto recommendations.


Hauke
-- 
Crypto for everyone: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5


More information about the Gnupg-users mailing list